Round Up of Major Breaches and Scams
The Indian government today banned 59 Chinese mobile applications on the grounds of national security, according to a government mandate seen by ZDNet. The New Delhi government argues that the 59 apps have been used to collect data on Indian users, data that has been sent back to servers in China.
A team of security researchers has discovered a collection of SQL databases for sale on the Dark Web. The archived files were stolen from 945 websites around the world, Lucy Security reports. All of these websites were breached by different attackers, according to the researchers, who found two databases containing approximately 150 GB of unpacked SQL files.
A hacker group going by the name of ‘Cl0ud SecuritY’ is breaking into old LenovoEMC (formerly Iomega) network-attached storage (NAS) devices, wiping files, and leaving ransom notes behind asking owners to pay between $200 and $275 to get their data back. Attacks have been happening for at least a month, according to entries on BitcoinAbuse, a web portal where users can report Bitcoin addresses abused in ransomware, extortions, cybercrime, and other online scams.
Researchers have once again spotted crooks using calendar invitations to mount phishing attacks. The Cofense Phishing Defense Center found the attack in enterprise email environments protected by Proofpoint and Microsoft, it announced last week. The phishing scam uses iCalendar, which is a media type that lets users store and exchange calendaring and scheduling information, including events and tasks.
Round Up of Major Malware and Ransomware Incidents
The PROMETHIUM threat actor, active since 2012, has been exposed multiple times over the past several years. However, this has not deterred the actor from continuing and expanding its activities. By matching indicators such as code similarity, command and control (C2) paths, toolkit structure and malicious behavior, Cisco Talos identified around 30 new C2 domains.
With Magento 1 reaching end-of-life (EOL) on Tuesday, Adobe is making a last-ditch effort to urge the 100,000 online stores still running the outdated version to migrate to Magento 2. Magento is a popular, Adobe-owned open-source e-commerce platform that powers many online shops.
The REvil ransomware gang (also known as Sodinokibi) has added an auction feature to its underground website that allows anonymous bidding on information stolen in its targeted ransomware campaigns. The auction capability appeared at the beginning of June, according to an analysis from Cyberint.
Round Up of Major Vulnerabilities and Patches
Palo Alto Networks disclosed a critical vulnerability found in the operating system (PAN-OS) of all its next-generation firewalls that could allow unauthenticated network-based attackers to bypass authentication. According to the company's website, PAN-OS is the software that powers all of its next-generation firewalls.
Nearly 20 years after its initial release, a hacker has found a way to run homebrew software on an unmodified PlayStation 2 using nothing but a carefully burned DVD-ROM. Previous efforts to hack the PS2 relied on internal modifications, external hardware (like pre-hacked memory cards and hard drives), or errors found only on very specific models of the system.