
Germany gives secret services access to encrypted conv., Credential stuffing attacks target retail, travel businesses, and more

Major cybersecurity events on 22nd October 2020 (Evening Post): US Securities and Exchange Commission issues Kik $5 million penalty for launching illegal ICO, breaking securities laws. New Windows RAT can be controlled via a Telegram channel. European IT services group Sopra Steria hit by suspected ransomware attack.

Round Up of Major Breaches and Scams

Berlin to Give Secret Services Access to Encrypted Conversations

The German government on Wednesday agreed to allow secret services to listen in on conversations via encrypted messaging services such as Messenger or WhatsApp as a means of tackling terrorism. The Cabinet adopted a bill to that effect, drawn up after a series of far-right attacks in the country, and the proposed legislation now goes forward for parliamentary assent. The proposed legislation would in future allow intelligence services, including military counterintelligence, to use “spy software” to monitor not just current conversations on messenger platforms but also encrypted messages already sent.

Retail, Hospitality and Travel Hit by 64 Billion Credential Stuffing Attacks

Over 60% of credential stuffing attacks detected over the past two years have been targeted at retail, travel and hospitality businesses, according to Akamai. The security vendor’s latest report, Loyalty for Sale, is compiled from internet traffic flowing through its extensive global content delivery network. It revealed that, during the period July 1 2018 to June 30 2020, it detected over 100 billion credential stuffing attempts.

SEC issues Kik $5 million penalty over illegal cryptocurrency offering

The US Securities and Exchange Commission (SEC) has issued a $5 million penalty against Kik for launching an illegal ICO and breaking securities laws. On Wednesday, the US regulator said that the US District Court for the Southern District of New York has entered a final judgment against Kik Interactive, laying to rest a case that has been in motion since 2019.

Virtual learning company admits releasing student data in bid to expand in Missouri

In an Aug. 20 letter, Christopher Neale, assistant commissioner of the Missouri Department of Elementary and Secondary Education, said the company distributed a spreadsheet to lobbyists, lawmakers and members of the state Board of Education that included personal information of students.

Scalable Capital sees large data breach

Digital wealth manager Scalable notified customers of a large data breach on Monday evening. Scalable said in a message to customers, seen by AltFi, that personal data was breached by unlawful access. “Scalable Capital has taken all necessary security measures and informed the relevant supervisory authorities. Your assets held in safe custody with the custodian bank were not at risk at any stage. The confidentiality of your password for the customer area is also still secure,” it said in the letter.

Round Up of Major Malware and Ransomware Incidents

New Windows RAT can be controlled via a Telegram channel

Security researchers have discovered a new remote access trojan (RAT) being advertised on Russian-speaking underground hacking forums. Named T-RAT, the malware is available for only $45, and its primary selling point is the ability to control infected systems via a Telegram channel, rather than a web-based administration panel. Its author claims this gives buyers faster and easier access to infected computers from any location, allowing threat actors to activate data-stealing features as soon as a victim is infected, before the RAT’s presence is discovered.

Sopra Steria hit by cyberattack. IT services group suspected of falling victim to ransomware

European IT services group Sopra Steria has been hit by a cyberattack. That would be unfortunate for any business at the best of times, but it is possibly even more galling for a firm like Sopra Steria, which has a specialist cybersecurity branch that claims to help customers “protect sensitive information, and prevent costly data breaches.” Naturally, Sopra Steria’s corporate clients, some of whom rely upon the firm to operate their core business processes and IT systems, will be concerned and will have plenty of questions regarding the nature of the attack.

Round Up of Major Vulnerabilities and Patches

QNAP Issues Advisory on Zerologon Vulnerability

Storage solutions provider QNAP this week published an advisory to warn customers that certain versions of QTS, the operating system for its network-attached storage (NAS) devices, are affected by the Zerologon vulnerability. Residing in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC) and addressed on August 2020 Patch Tuesday, the flaw started gaining attention after CISA on September 18 issued an Emergency Directive requiring federal agencies to install the available patches within three days.

NSA warns that Chinese-sponsored hackers are targeting publicly available exploits

A new report from the US National Security Agency outlines the 25 vulnerabilities most commonly targeted by Chinese-sponsored hackers. Exploits for these vulnerabilities are already publicly available, but so are the patches for these flaws. Ciaran Byrne, head of platform operations at Edgescan, provided the following analysis: The details published today by the NSA of the top 25 vulnerabilities being leveraged by state-sponsored hackers are a stark reflection on patching policies of organizations.