
€10bn GDPR lawsuit against Salesforce, Oracle, 43,000 phishing emails bypass NHS security filters, and more

Major cybersecurity events on 14th August 2020 (Evening Post): Telephony honeypot receives 1.5 million robocalls across 11 months in the US. Facebook, Google join forces to curb the spread of disinformation, thwart efforts to manipulate voters. Windows Defender detects Citrix components as malware.

Round Up of Major Breaches and Scams

A simple telephony honeypot received 1.5 million robocalls across 11 months

In an award-winning paper presented at the USENIX Security conference this week, a team of academics from North Carolina State University shared a list of findings from operating a massive telephony honeypot for 11 months for the sole purpose of tracking, identifying, and analyzing the robocalling phenomenon in the US. NCSU researchers said they ran 66,606 telephone lines between March 2019 and January 2020, during which time they said they received 1,481,201 unsolicited calls.

Oracle and Salesforce targeted in €10bn GDPR lawsuit backed by profit-making litigation fund

Salesforce and Oracle are to face a GDPR lawsuit in London and the Netherlands that could cost them up to €10bn in fines, a legally aggressive privacy campaign group has claimed to The Register. The suit, which alleges the ad-tech subsidiaries of the American giants are in breach of the EU’s General Data Protection Regulation, is to be formally commenced in the Netherlands today. A campaign group calling itself the Privacy Collective is capitalising on newly liberalised UK rules allowing class-action-style lawsuits to go ahead.

350 million email addresses exposed on misconfigured AWS S3 bucket

We are running out of introductions for reporting on something that happens so often. Just yesterday it was reported that a medical software firm exposed 3.1 million patients’ data to the public. In the latest incident, 350 million unique email addresses were found sitting exposed on a misconfigured Amazon S3 bucket that was open to public access without any authentication.

Over 43,000 Phishing Emails Slip Through NHS Security Filters

More than 43,000 NHS staff have been hit by phishing emails over the past few months, as they battled to save patients infected with COVID-19, a Freedom of Information (FOI) request has revealed. Think tank Parliament Street asked NHS Digital for the data on spam and phishing emails from March to July 14. A spokesperson confirmed to Infosecurity that the figures related to user reports of malicious and scam messages in their inbox, so the real total could be far higher.

Facebook, Google Step Up Election Protection Efforts

The hub was described as central to defending against deception and confusion in what promises to be an election roiled by the pandemic and efforts to dupe voters. The move comes amid a coordinated effort by Facebook, Google and other online platforms to curb the spread of disinformation and thwart efforts to manipulate voters. Google separately announced new features for its search engine to provide detailed information about how to register and vote, directing users to local election administrators.

Round Up of Major Malware and Ransomware Incidents

Windows Defender deletes Citrix components mislabeled as malware

Citrix released an advisory on Thursday about troublesome Windows Defender definition updates that break Delivery Controllers and Cloud Connectors running Microsoft’s antivirus. The issue is due to Windows Defender misidentifying the main and secondary Citrix broker services (BrokerService.exe and HighAvailabilityService.exe) as malicious and quarantining them. These services are responsible for tracking current user connections/sessions.

UK Cybersecurity Firm Says North Korean Attacks on Israel Successful

Also referred to as Hidden Cobra, Lazarus is a cyber-espionage threat actor that also engages in financially-motivated attacks, including campaigns on crypto-currency exchanges, the WannaCry outbreak in 2017, the Sony Pictures Entertainment incident, and the $81 million Bangladesh bank theft. The hacking group is known for the use of a variety of malware, including the recently detailed MATA framework and a significant number of Mac malware families. Over the past couple of years, the U.S. Cyber Command (USCYBERCOM) has shared various malware samples associated with the group.

Round Up of Major Vulnerabilities and Patches

Researchers uncover critical flaw within Amazon Alexa which can lead to stolen voice history and data

Security researchers at Check Point have discovered that the Amazon Alexa assistant can be hacked to make it hand over sensitive data, including voice recordings, due to flaws within the service's subdomains. The researchers explained that these critical issues could occur because the service's subdomains are prone to Cross-Origin Resource Sharing (CORS) misconfiguration and cross-site scripting (XSS) attacks.