Round Up of Major Breaches and Scams
The German government Wednesday agreed to allow secret services to listen in on conversations via encrypted messaging services such as Messenger or WhatsApp as a means of tackling terrorism. Cabinet adopted a bill to that effect, drawn up after a series of far-right attacks in the country, and the proposed legislation now goes forward for parliamentary assent. The proposed legislation would in future allow intelligence services, including military counterintelligence, to use “spy software” to monitor not just current conversations on messenger platforms but also encrypted messages already sent.
Over 60% of credential stuffing attacks detected over the past two years have been targeted at retail, travel and hospitality businesses, according to Akamai. The security vendor’s latest report, Loyalty for Sale, is compiled from internet traffic flowing through its extensive global content delivery network. The report revealed that, during the period July 1 2018 to June 30 2020, Akamai detected over 100 billion credential stuffing attempts.
The US Securities and Exchange Commission (SEC) has issued a $5 million penalty against Kik for launching an illegal ICO and breaking securities laws. On Wednesday, the US regulator said that the US District Court for the Southern District of New York has entered a final judgment against Kik Interactive, laying to rest a case that has been in motion since 2019.
In an Aug. 20 letter, Christopher Neale, assistant commissioner of the Missouri Department of Elementary and Secondary Education, said the company distributed a spreadsheet to lobbyists, lawmakers and members of the state Board of Education that included personal information of students.
Digital wealth manager Scalable notified customers of a large data breach on Monday evening. Scalable said in a message to customers, seen by AltFi, that personal data was breached by unlawful access. “Scalable Capital has taken all necessary security measures and informed the relevant supervisory authorities. Your assets held in safe custody with the custodian bank were not at risk at any stage. The confidentiality of your password for the customer area is also still secure,” it said in the letter.
Round Up of Major Malware and Ransomware Incidents
Security researchers have discovered a new remote access trojan (RAT) being advertised on Russian-speaking underground hacking forums. Named T-RAT, the malware is available for only $45, and its primary selling point is the ability to control infected systems via a Telegram channel, rather than a web-based administration panel. Its author claims this gives buyers faster and easier access to infected computers from any location, allowing threat actors to activate data-stealing features as soon as a victim is infected, before the RAT’s presence is discovered.
European IT services group Sopra Steria has been hit by a cyberattack. That would be unfortunate for any business at the best of times, but is possibly even more galling for a firm like Sopra Steria, which has a specialist cybersecurity branch that claims to help customers “protect sensitive information, and prevent costly data breaches.” Naturally, Sopra Steria’s corporate clients, some of whom rely upon the firm to operate their core business processes and IT systems, will be concerned and will have plenty of questions regarding the nature of the attack.
Round Up of Major Vulnerabilities and Patches
Storage solutions provider QNAP this week published an advisory to warn customers that certain versions of QTS, the operating system for its network-attached storage (NAS) devices, are affected by the Zerologon vulnerability. Residing in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC) and addressed on the August 2020 Patch Tuesday, the flaw started gaining attention after CISA on September 18 issued an Emergency Directive requiring federal agencies to install the available patches within three days.
A new report from the US National Security Agency outlines the 25 vulnerabilities most commonly targeted by Chinese-sponsored hackers. Exploits for these vulnerabilities are already publicly available, but so are the patches for these flaws. Ciaran Byrne, head of platform operations at Edgescan, provided the following analysis: The details published today by the NSA of the top 25 vulnerabilities being leveraged by state-sponsored hackers is a stark reflection on patching policies of organizations.