Categories
APT Breach Bug Cyber Security Data leak Deepfake Malware Phishing Ransomware Scam Spam Spyware Vulnerability

Marketing firm Friendemic exposes 2.7M customer records, Docsketch discloses security breach, and more

Major cybersecurity events on 12th October 2020 (Morning Post): Tyler Technologies pays ransom to obtain decryption key, following ransomware attack. Clop ransomware hits tech giant Software AG, demands over $20 million as ransom. Russia-linked threat group TA505 exploits Zerologon through fake software updates.

Round Up of Major Breaches and Scams

Deepfake Voice Technology Iterates on Old Phishing Strategies

As the world of AI and deepfake technology grows more complex, the risk that deepfakes pose to firms and individuals grows increasingly potent. This growing sophistication of the latest software and algorithms has allowed malicious hackers, scammers and cyber criminals who work tirelessly behind the scenes to stay one step ahead of the authorities, making the threat of attacks increasingly difficult to both prepare for and defend against.

The most common malicious email attachments infecting Windows

To stay safe online, everyone needs to recognize malicious attachments that are commonly used in phishing emails to distribute malware. When distributing malware, threat actors create spam campaigns that pretend to be invoices, invites, payment information, shipping information, eFaxes, voicemails, and more. Included in these emails are malicious Word and Excel attachments, or links to them, that when opened and macros are enabled, will install malware on a computer.

Marketing firm Friendemic exposed 2.7 million customer records

Exposed data belonged to Friendemic and included full names, email addresses, and contact numbers of its customers. The dangers of unprotected Amazon S3 buckets are well documented. Yet another firm made the mistake of improper cloud configuration and exposed nearly 3 million customers’ data. On Sep 12, 2020, Comparitech researcher and security expert Aaron Phillips discovered a publicly accessible database containing personally identifiable information (PII) of approx. 2.7 million consumers of a US-based digital marketing services provider Friendemic.

Carnival confirms data breach as a result of the August ransomware attack

Carnival Corporation, the world’s largest cruise line operator, has confirmed a data breach as a result of the august ransomware attack. Carnival Corporation, the world’s largest cruise line operator, has confirmed a data breach as a result of the ransomware attack that took place in August. Ransomware operators have stolen the personal information of customers, employees, and ship crews during the attack.

Document-signing service Docsketch discloses security breach

Electronic document-signing service Docsketch is notifying customers about a security breach that took place over the past summer. In an email sent to customers and seen by ZDNet, the company said that an unauthorized third-party gained access to a copy of its database in early August this year. The database file contained a snapshot of the Docsketch service dated July 9, 2020, the company said.

Children and parent info exposed in Georgia DHS data breach

Information for children and parents was accessed by hackers over the summer, the Georgia Department of Human Services (DHS) said on Friday. The security breach took place over the spring. Georgia DHS officials said that between May 3, 2020, and May 15, 2020, hackers managed to gain access to several employee email accounts. Over the summer, officials said they learned that the intruders “had been able to retain” emails from the hacked accounts.

Tennessee Health Data Management Firm Agrees to $2m Data Breach Settlement

A Tennessee firm that provides health data management services has agreed to pay the United States Office for Civil Rights (OCR) $2.3m to settle charges related to a data breach. Charges were brought against Tennessee-based Community Health Systems (CHSPSC LLC) by 28 states after the personal health information (PHI) of millions of people ended up in the hands of cyber-criminals.

Twitter to limit politicians’ premature claims of victory, remove calls for violence

With less than a month until Election Day in the U.S., Twitter said it would limit politicians’ ability to claim premature electoral victories, and remove calls for violence or interference in election results. Tweets claiming false victories will be flagged and users will be directed to credible information about the election, the company announced Friday. Any tweet intended to incite electoral interference, whether in the presidential or congressional races, will be removed.

Round Up of Major Malware and Ransomware Incidents

Tyler Technologies finally paid the ransom to receive the decryption key

Tyler Technologies has finally decided to paid a ransom to obtain a decryption key and recover files encrypted in a recent ransomware attack. Tyler Technologies, Inc. is the largest provider of software to the United States public sector. At the end of September, the company disclosed a ransomware attack and its customers reported finding suspicious logins and previously unseen remote access tools on their networks.

Clop ransomware hits Software AG, demands $20 million+ ransom

Software AG, a German tech giant had its helpdesk and internal communication systems discrupted after Clop ransomware attack. Over the weekend, Germany’s second-largest tech firm Software AG suffered a ransomware attack. The company had to shut down many of its internal systems. Allegedly, the attackers took company data and demanded over $20 million (€17 million) in ransom. According to the company, its cloud offerings weren’t affected; however, its internal communications and helpdesk went offline and haven’t recovered fully as yet.

Researcher uploaded spyware on official Fitbit store

The researcher took advantage of the Fitbit gallery which allows developers to submit apps that enhance the functionality of the core app. Security researchers find vulnerabilities in different ways. Sometimes, it’s as a result of their routine work while sometimes they happen to be curious and specifically test a particular application. An example of the latter occurred recently where Kev Breen, Director of Cyber Threat Research at Immersive Labs decided to build a spyware app for Fitbit and succeeded in doing so with the app being delivered through the official Fitbit website.

Round Up of Major Vulnerabilities and Patches

Hacker groups chain VPN and Windows bugs to attack US government networks

Hackers have gained access to government networks by combining VPN and Windows bugs, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) said in a joint security alert published on Friday. Attacks have targeted federal and state, local, tribal, and territorial (SLTT) government networks. Attacks against non-government networks have also been detected, the two agencies said.

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Microsoft has uncovered Zerologon attacks that were allegedly conducted by the infamous TA505 Russia-linked cybercrime group. Microsoft spotted a series of Zerologon attacks allegedly launched by the Russian cybercrime group tracked as TA505, CHIMBORAZO and Evil Corp. Microsoft experts spotted the Zerologon attacks involving fake software updates, the researchers noticed that the malicious code connected to command and control (C&C) infrastructure known to be associated with TA505.

New self-erasing chip could be used to detect counterfeit or tampered products

A team of academics from the University of Michigan has developed self-powered and self-erasing chips that they hope could be used as an anti-counterfeit or tamper-detection system. The new chips have been built with the help of a new material that changes its color while it temporarily stores energy. The material consists of a three-atom-thick layer of semiconductor laid on top of a film of azobenzene molecules.

Five bag $300,000 in bug bounties after finding 55 security holes in Apple’s web apps, IT infrastructure

A team of vulnerability spotters have netted themselves a six-figure payout from Apple after discovering dozens security holes in the Cupertino giant’s computer systems, some of which could have been exploited to steal iOS source code, and more. Brett Buerhaus, Ben Sadeghipour, Samuel Erb, Tanner Barnes, and Sam Curry this week said that of the 55 bugs they uncovered, 11 were rated as critical, 29 were high-severity, 13 were medium, and two were considered low risk.