Round Up of Major Breaches and Scams
The Twitter accounts of Bill Gates, Elon Musk, Joe Biden, Apple and Uber have each been hijacked at the same time to push a cryptocurrency scam in an unprecedented breach of Twitter accounts. Twitter locked down thousands of verified accounts belonging to elite Twitter users and high-profile companies Wednesday afternoon in an effort to prevent hackers from perpetrating a massive cryptocurrency scam.
China’s government hackers have targeted members of the Hong Kong Catholic Church in a series of spear-phishing operations traced back to May this year. The attacks have come to light after reports that some of Hong Kong’s church leaders and clergy have been directly involved in supporting pro-democracy protests despite orders from the Vatican to remain neutral.
A researcher at Bishop Fox has found five high-risk flaws in health IT software from LibreHealth. Security researchers from Bishop Fox have discovered several critical vulnerabilities in an emerging open source electronic health record (EHR) system from LibreHealth. The vulnerabilities give unauthenticated attackers multiple ways to compromise the application’s underlying server and gain access to sensitive patient health information and health records.
CyberNews received information from reader Jake Dixon, a security researcher with Vadix Solutions, who discovered an unsecured Amazon Simple Storage Service (S3) database containing more than 31,000 images of users’ passports, driver’s licenses, evidence of age documents, and more. These files are publicly accessible to anyone who has the URL and appear to be owned by LPM Property Management.
Mostly, when an attacker gains access to a database, they try to profit off it either through a ransom or by listing it for sale. Sometimes, though, due to reasons such as revenge or perhaps ol’ fashioned fun, attackers dump the databases online, making them freely available. A case of the latter has emerged today: a hacker posted the database of one of Indonesia’s largest online stores, Bhinneka, on a hacker forum.
A group of hackers that goes online with the name Ghost Squad Hackers has defaced a site of the European Space Agency (ESA). I have reached them for a comment and they told me that the attack was not targeted; they defaced the site only for fun. The group claims to have hacked numerous organizations and government agencies over the years, including the US military, European Union, Washington DC, Israeli Defense Forces, the Indian Government, and some central banks.
The South East Coast Ambulance Service has experienced a massive data breach and has referred itself to a privacy watchdog. In May, the personal and medical details of all ambulance staff could have been seen by employees outside of senior management. An internal memo revealed that a server containing details of sick leave – including operations and mental and physical health issues – was accessible for 10 days to seven people who were not managers.
Welcome Chat, a messaging platform for Android, spies upon its users and stores their data in an unsafe location that is accessible to the public. The authors of the app claim it is available on the Google Play store and market it as a secure platform for exchanging messages, which is not true by any means. The website of the malicious ‘Welcome Chat’ app publicizes the platform as a secure communication Android solution.
Round Up of Major Malware and Ransomware Incidents
A new malware family has been linked to the threat actors behind Trickbot, a prolific information-stealing Trojan. On Thursday, the Cybereason Nocturnus research team said that since April this year, the backdoor has been used in attacks against targets across the US and Europe. In particular, organizations in the professional, healthcare, IT, manufacturing, logistics, and travel industries are in the spotlight.
Four sophisticated malware families are ramping up their techniques and actively spreading to new countries, including the U.S. Malware that is typically used in Brazil is expanding its geography, targeting users in North America, Europe and elsewhere in Latin America. Banking trojans, which steal online banking logins and other financial credentials from unsuspecting victims, are fairly common – but the more sophisticated examples are often pioneered in Brazil.
Round Up of Major Vulnerabilities and Patches
Researchers have discovered several potentially serious vulnerabilities affecting monitoring, cooling and power distribution products made by Germany-based Rittal. According to Austria-based cybersecurity company SEC Consult, Rittal’s CMC III industrial and IT monitoring system, LCP CW cooling system, and the entire portfolio of power distribution units (PDU) are impacted by six types of vulnerabilities.