
Manchester United football club discloses security breach, October Mumbai power outage may be due to a cyber attack, Threat actor selling list of 49k+ systems vulnerable to Fortinet SSL VPN vulnerability

Major cybersecurity events on 23rd November 2020 (Morning Post): Manchester United football club discloses security breach, October Mumbai power outage may be due to a cyber attack, Threat actor selling list of 49k+ systems vulnerable to Fortinet SSL VPN vulnerability.

Round Up of Major Breaches and Scams

Manchester United football club discloses security breach

European football club Manchester United disclosed late on Friday a cyber-security incident that impacted its internal systems. The football club said it’s still investigating the incident and couldn’t say if the breach allowed the intruders to access data associated with fans or store customers.

Dutch tech reporter gatecrashes EU defence secret video conference

Dutch journalist Daniel Verlaan of RTL Nieuws broke into a secret video conference of EU defence ministers after the Dutch defence minister Ank Bijleveld posted on Twitter an image of the call that accidentally exposed login details. The photo contained the login address and part of the PIN code; the tech journalist spotted the login credential in the image and used it to join the meeting.

Lazada denies being behind data leak

Online retail operator Lazada insisted on Friday it was not responsible for leaking any online shoppers’ data following a report claiming that about 13 million records from Lazada Thailand were being offered for sale on an underground trading forum.

Google Services Weaponized to Bypass Security in Phishing, BEC Campaigns

Attackers are exploiting an array of Google Services, including Forms, Firebase, Docs and more, to boost phishing and BEC campaigns. A spike in recent phishing and business email compromise (BEC) attacks can be traced back to criminals learning how to exploit Google Services, according to research from Armorblox.

October Mumbai power outage may have been caused by a cyber attack

Authorities in India believe that a major power outage that occurred in October in Mumbai may have been caused by hackers. On October 13, a major power outage occurred in the metropolitan area of Mumbai, partially disrupting the traffic management systems, paralysing rail traffic and impacting work at the stock exchange.

Round Up of Major Malware and Ransomware Incidents

Retail giant E-Land closes nearly half of stores due to ransomware attack

South Korean fashion and retail conglomerate E-Land Group said it has suspended operations at nearly half of its stores in the country due to a ransomware attack. The group said its corporate network system was attacked by ransomware early in the morning. The attack forced 23 of its 50 NC Department Store and NewCore Outlet branches to halt their operations, E-Land added.

QBot partners with Egregor ransomware in bot-fueled attacks

The Qbot banking trojan has dropped the ProLock ransomware in favour of the Egregor ransomware, which burst into activity in September. Qbot, otherwise known as QakBot or QuakBot, is Windows malware that steals bank credentials and Windows domain credentials, and provides remote access to threat actors who install ransomware.

Romanians arrested for running underground malware services

Romanian police forces arrested two individuals this week who are suspected of running two malware crypter services called CyberSeal and DataProtector, and a malware testing service called CyberScan.

Round Up of Major Vulnerabilities and Patches

Fortinet SSL-VPN Vulnerability CVE-2018-13379: 49K+ Vulnerable Targets Listed

CloudSEK Threat Intel has detected a threat actor selling a list of 49,577 systems that are vulnerable to CVE-2018-13379, a Fortinet SSL VPN path traversal vulnerability. CVE-2018-13379 allows unauthenticated attackers to download FortiOS system files by means of a specially crafted HTTP request. The vulnerability exists only if the SSL VPN service (web mode/tunnel mode) is enabled.

VMware addresses flaws exploited at recent Tianfu Cup

VMware has released patches for two serious ESXi vulnerabilities that were disclosed during the 2020 Tianfu Cup International PWN Contest. The Tianfu Cup is the most important hacking contest held in China; the total bonus of the contest this year was up to 1 million US dollars.