Round Up of Major Breaches and Scams
Manchester United football club discloses security breach
European football club Manchester United disclosed late on Friday a cyber-security incident that impacted its internal systems. The football club said it is still investigating the incident and could not say whether the breach allowed the intruders to access data associated with fans or store customers.
Dutch tech reporter gatecrashes EU defence secret video conference
Dutch journalist Daniel Verlaan of RTL Nieuws broke into a secret video conference of EU defence ministers after the Dutch defence minister Ank Bijleveld posted on Twitter an image of the call that accidentally exposed login details. The tech journalist spotted the login credential in the image and used it to join the meeting; the photo contained the login address and part of the PIN code.
Lazada denies being behind data leak
Online retail operator Lazada insisted on Friday that it was not responsible for leaking any online shoppers’ data, following a report claiming that about 13 million records from Lazada Thailand were being offered for sale on an underground trading forum.
Google Services Weaponized to Bypass Security in Phishing, BEC Campaigns
Attackers are exploiting an array of Google Services, including Forms, Firebase, Docs and more, to boost phishing and BEC campaigns. A spike in recent phishing and business email compromise (BEC) attacks can be traced back to criminals learning how to exploit Google Services, according to research from Armorblox.
October Mumbai power outage may have been caused by a cyber attack
Authorities in India believe that a major power outage that occurred in October in Mumbai may have been caused by hackers. On October 13, a major power outage occurred in the metropolitan area of Mumbai, causing partial disruption of the traffic management systems and paralysis of rail traffic, and also impacting work at the stock exchange.
Round Up of Major Malware and Ransomware Incidents
Retail giant E-Land closes nearly half of stores due to ransomware attack
South Korean fashion and retail conglomerate E-Land Group said it has suspended operations at nearly half of its stores in the country due to a ransomware attack. The group said its corporate network system was attacked by ransomware early in the morning. The attack has forced 23 of its 50 branches of NC Department Store and NewCore Outlet to halt their operations, E-Land added.
QBot partners with Egregor ransomware in bot-fueled attacks
The Qbot banking trojan has dropped the ProLock ransomware in favour of the Egregor ransomware, which burst into activity in September. Qbot, otherwise known as QakBot or QuakBot, is Windows malware that steals bank credentials and Windows domain credentials, and provides remote access to threat actors who install ransomware.
Romanians arrested for running underground malware services
Romanian police forces arrested two individuals this week who are suspected of running two malware crypter services called CyberSeal and DataProtector, and a malware testing service called CyberScan.
Round Up of Major Vulnerabilities and Patches
Fortinet SSL-VPN Vulnerability CVE-2018-13379: 49K+ Vulnerable Targets Listed
CloudSEK Threat Intel has detected a threat actor selling a list of 49,577 systems that are vulnerable to CVE-2018-13379, a Fortinet SSL VPN path traversal vulnerability. CVE-2018-13379 allows unauthenticated attackers to download FortiOS system files by means of a specially crafted HTTP request. The vulnerability exists only if the SSL VPN service (web mode/tunnel mode) is enabled.
VMware addresses flaws exploited at recent Tianfu Cup
VMware has released patches for two serious ESXi vulnerabilities that were disclosed during the 2020 Tianfu Cup International PWN Contest. The Tianfu Cup is the most important hacking contest held in China; the total bonus of the contest this year was up to 1 million US dollars.