Categories
Breach CVE Cyber Security Data leak Hacking Malware Scam Vulnerability

Cloudflare exposes 3M IP addresses, Australian consumer watchdog accuses Google of privacy breaches, and more

Major cybersecurity events on 28th July 2020 (Morning Post): Promo.com, popular marketing video maker, discloses data breach, 22 million user records leaked on hacker forum. Developer discovers leaked source code of over 50 high-profile organizations from diverse sectors.

Round Up of Major Breaches and Scams

Promo.com discloses data breach after 22M user records leaked online

Promo.com, an Israeli-based marketing video creation site, has disclosed a data breach after a database containing 22 million user records was leaked for free on a hacker forum. The site allows you to create promotional videos or ads that can then be shared on social networks such as Facebook, Instagram, Twitter, and LinkedIn. In a report shared with BleepingComputer by cybersecurity intelligence firm CloudSEK, a well-known seller of data breaches posted a database containing 22.1 million user records on a hacker forum.

Source code of over 50 high profile organizations leaked online

A misconfiguration in the infrastructure of repositories resulted in leaking the source code of dozens of mainstream, high-profile organizations from diverse sectors from tech, food, retail, finance, manufacturing, and e-commerce. A reverse engineer and developer, Tillie Kottmann, collected the leaks, dubbed Exconfidential, from different sources while searching for misconfigured DevOps tools that provide access to source code, and stored them on a repository on GitLab.

Cloudflare suffered data leak; exposing 3 million IP addresses: Ukraine

The National Security and Defense Council of Ukraine claims the data leak has exposed millions of top websites to cyber attacks. A few weeks ago, we saw a disruption in Cloudflare’s services forcing several top websites to go offline worldwide. The company claimed that they had not been attacked in any way and it was due to a bad software deployment issue. The National Cyber ​​Security Coordination Center of Ukraine has alleged that a data leak has occurred from Cloudflare resulting in the real IP addresses of almost 3 million sites being exposed on the dark web.

Sheffield Hallam University Confirms Blackbaud-Linked Data Breach

Sheffield Hallam University has confirmed that it is dealing with a data breach linked to the software provider Blackbaud. University secretary Michaela Boryslawskyj said in an email to members of its community that it was notified by Blackbaud that Sheffield Hallam and a number of other universities had been affected by the incident. As detailed in the Sheffield Star, the email said Blackbaud’s systems were hacked and personal information relating to its alumni and other members of the community were stolen on Thursday July 16 2020.

Australian Watchdog Accuses Google of Privacy Breaches

Australia’s consumer watchdog launched court action against Google on Monday alleging the technology giant misled account holders about its use of their personal data. The Australian Competition and Consumer Commission’s action in the Federal Court is the latest litigation Google has faced around the world over allegations of privacy breaches. The commission alleges the California-based company misled millions of Australians to obtain their consent and expand the scope of personal information that Google collects.

Phishing Scam Promises £400 Council Tax Cut

Email users are being warned not to fall for yet another COVID-related lure after warnings of a new phishing campaign, this time promising the recipient a government-funded tax cut. The email appears to come from the ‘Government Digital Service Team’ and claims to offer a rebate of nearly £400, according to think tank Parliament Street. “You are getting a Council Tax Reduction (this used to be called Council Tax Benefit) considering you’re on a low income or get benefits,” the email begins.

Round Up of Major Malware and Ransomware Incidents

CISA says 62,000 QNAP NAS devices have been infected with the QSnatch malware

Cyber-security agencies from the UK and the US have published today a joint security alert about QSnatch, a strain of malware that has been infecting network-attached storage (NAS) devices from Taiwanese device maker QNAP. In alerts by the United States Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC), the two agencies say that attacks with the QSnatch malware have been traced back to 2014.

Round Up of Major Vulnerabilities and Patches

Attackers Exploiting High-Severity Network Security Flaw, Cisco Warns

Attackers are exploiting a high-severity vulnerability in Cisco’s network security software products, which is used by Fortune 500 companies. Cisco is warning that a high-severity flaw in its network security software is being actively exploited – allowing remote, unauthenticated attackers to access sensitive data. Patches for the vulnerability (CVE-2020-3452) in question, which ranks 7.5 out of 10 on the CVSS scale, were released last Wednesday.

Shadow attacks allow replacing content in signed PDF files

Boffins from the Ruhr University Bochum (Germany) have disclosed a series of new attack methods, dubbed Shadow attacks, against signed PDF files. Security researchers from the Ruhr University Bochum (Germany) have devised a series of new attack techniques, dubbed Shadow attacks, against signed PDF files. In February 2019, the same team of experts found several flaws in popular PDF viewers and online validation services that allow to deceive the digital signature validation process.