Round Up of Major Breaches and Scams
Promo.com, an Israeli-based marketing video creation site, has disclosed a data breach after a database containing 22 million user records was leaked for free on a hacker forum. The site allows you to create promotional videos or ads that can then be shared on social networks such as Facebook, Instagram, Twitter, and LinkedIn. In a report shared with BleepingComputer by cybersecurity intelligence firm CloudSEK, a well-known seller of data breaches posted a database containing 22.1 million user records on a hacker forum.
A misconfiguration in the infrastructure of repositories resulted in leaking the source code of dozens of mainstream, high-profile organizations from diverse sectors from tech, food, retail, finance, manufacturing, and e-commerce. A reverse engineer and developer, Tillie Kottmann, collected the leaks, dubbed Exconfidential, from different sources while searching for misconfigured DevOps tools that provide access to source code, and stored them on a repository on GitLab.
The National Security and Defense Council of Ukraine claims the data leak has exposed millions of top websites to cyber attacks. A few weeks ago, we saw a disruption in Cloudflare’s services forcing several top websites to go offline worldwide. The company claimed that they had not been attacked in any way and it was due to a bad software deployment issue. The National Cyber Security Coordination Center of Ukraine has alleged that a data leak has occurred from Cloudflare resulting in the real IP addresses of almost 3 million sites being exposed on the dark web.
Sheffield Hallam University has confirmed that it is dealing with a data breach linked to the software provider Blackbaud. University secretary Michaela Boryslawskyj said in an email to members of its community that it was notified by Blackbaud that Sheffield Hallam and a number of other universities had been affected by the incident. As detailed in the Sheffield Star, the email said Blackbaud’s systems were hacked and personal information relating to its alumni and other members of the community were stolen on Thursday July 16 2020.
Australia’s consumer watchdog launched court action against Google on Monday alleging the technology giant misled account holders about its use of their personal data. The Australian Competition and Consumer Commission’s action in the Federal Court is the latest litigation Google has faced around the world over allegations of privacy breaches. The commission alleges the California-based company misled millions of Australians to obtain their consent and expand the scope of personal information that Google collects.
Email users are being warned not to fall for yet another COVID-related lure after warnings of a new phishing campaign, this time promising the recipient a government-funded tax cut. The email appears to come from the ‘Government Digital Service Team’ and claims to offer a rebate of nearly £400, according to think tank Parliament Street. “You are getting a Council Tax Reduction (this used to be called Council Tax Benefit) considering you’re on a low income or get benefits,” the email begins.
Round Up of Major Malware and Ransomware Incidents
Cyber-security agencies from the UK and the US have published today a joint security alert about QSnatch, a strain of malware that has been infecting network-attached storage (NAS) devices from Taiwanese device maker QNAP. In alerts by the United States Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC), the two agencies say that attacks with the QSnatch malware have been traced back to 2014.
Round Up of Major Vulnerabilities and Patches
Attackers are exploiting a high-severity vulnerability in Cisco’s network security software products, which is used by Fortune 500 companies. Cisco is warning that a high-severity flaw in its network security software is being actively exploited – allowing remote, unauthenticated attackers to access sensitive data. Patches for the vulnerability (CVE-2020-3452) in question, which ranks 7.5 out of 10 on the CVSS scale, were released last Wednesday.
Boffins from the Ruhr University Bochum (Germany) have disclosed a series of new attack methods, dubbed Shadow attacks, against signed PDF files. Security researchers from the Ruhr University Bochum (Germany) have devised a series of new attack techniques, dubbed Shadow attacks, against signed PDF files. In February 2019, the same team of experts found several flaws in popular PDF viewers and online validation services that allow to deceive the digital signature validation process.