Canon breached, Tupperware, news sites hacked, Citrix, Cisco hit, and more

Major cybersecurity events on 25th March 2020: GE employees’ Canon mail accounts hacked. Fake payment form on Tupperware site used to steal credit card details. Hacked news sites deliver backdoor malware disguised as Google updates. Microsoft’s new update fixes Windows Defender.

Round Up of Major Breaches and Scams

GE says some employees hit by data breach at Canon

In a data breach notification sent to affected individuals and submitted to the California Attorney General, GE said an unauthorized party gained access to a Canon email account containing documents belonging to some of its employees. The breach occurred between February 3 and 14 and it resulted in the exposure of information belonging to current and former GE employees and beneficiaries entitled to benefits.

Tupperware site hacked with fake form to steal credit cards

Hackers have compromised the website of the world-famous Tupperware brand and are stealing customers’ payment card details at checkout. The risk existed for a while as researchers’ attempts to alert the company remained unanswered. Some localized versions of the official Tupperware website were also running malicious code that skims credit card data.

Dark web hosting provider hacked again – 7,600 sites down

Daniel’s Hosting (DH), the largest free web hosting provider for dark web services, has shut down today after getting hacked for the second time in 16 months, ZDNet has learned. Almost 7,600 dark web portals have been taken offline following the hack, during which an attacker deleted the web hosting portal’s entire database.

Hackers are messing with routers’ DNS settings as telework surges around the world

According to new BitDefender research, criminals have moved quickly to manipulate personal Wi-Fi routers in a wide swath of countries in Europe, as well as in the United States. Attackers have begun changing Domain Name System (DNS) settings in Linksys routers, pointing users to what they believe is a legitimate website that also includes a pop-up message with information about the pandemic.

Round Up of Major Malware and Ransomware Incidents

Malware disguised as Google updates pushed via hacked news sites

Hacked corporate sites and news blogs running on the WordPress CMS are being used by attackers to deliver backdoor malware that allows them to drop several second-stage payloads such as keyloggers, info stealers, and Trojans. After gaining admin access to the compromised WordPress websites, the hackers inject malicious JavaScript code that will automatically redirect visitors to phishing sites.

WordPress malware distributed via pirated Coronavirus plugins

The threat actors behind the WordPress WP-VCD malware have started to distribute modified versions of Coronavirus plugins that inject a backdoor into a web site. The WP-VCD family of WordPress infections is distributed as nulled, or pirated, WordPress plugins that contain modified code that injects a backdoor into any themes that are installed on the blog as well as various PHP files.

Round Up of Major Vulnerabilities and Patches

Videolabs patches code execution, DoS vulnerabilities in libmicrodns library

Vulnerabilities that Videolabs recently addressed in its libmicrodns library could lead to denial of service (DoS) and arbitrary code execution, Cisco Talos’ security researchers warn. The most severe of the newly discovered vulnerabilities is an exploitable remote code execution bug in the label-parsing functionality of the library. It is tracked as CVE-2020-6072 and has a CVSS score of 9.8.

Chinese hackers hit Citrix, Cisco vulnerabilities in sweeping campaign

Earlier this year, state-backed Chinese hackers embarked on one of the most sweeping Chinese espionage campaigns FireEye has seen in years, according to new research the security firm published Wednesday. The campaign, which lasted between January 20 and March 11, targeted 75 organizations spanning nearly every economic sector.

Microsoft fixes Windows Defender scan bug with new update

Microsoft has silently fixed the “items skipped during scan” Windows Defender bug that was causing some items to be excluded from scans if they were stored on a network device. The issue was fixed with the release of the KB4052623 update for the Windows Defender antimalware platform that will increment the scan engine’s version to 4.18.2003.8 and will prevent future notifications of files being skipped from appearing.

Apple patches code execution vulnerabilities across product portfolio

Security patches released this week by Apple for many of its products address a variety of vulnerabilities, including multiple issues that could lead to arbitrary code execution on the affected devices. A total of 27 bugs were squashed with the release of macOS Catalina 10.15.4, affecting components such as Bluetooth, Call History, CoreFoundation, FaceTime, Kernel, libxml2, Mail, sudo, and Time Machine, among others.