
More than 100K brute-force attacks target Windows, OneClass exposes 1M students’ data, and more

Major cybersecurity events on 30th June 2020 (Evening Post): Hackers target Roblox gaming platform accounts in support of Donald Trump’s re-election. Unpatched Wi-Fi extender exposes domestic networks to remote control. Vulnerabilities in device drivers facilitate attacks on ATMs, PoS systems.

Round Up of Major Breaches and Scams

Security Breach Impacts State Police Database

State police say they were notified on June 20 by Netsential that a data breach may have included information from the Maine Information and Analysis Center, or MIAC. The agency has contracted the Houston, Texas-based company, which provides web hosting services to hundreds of law enforcement and government agencies across the country, since 2017.

Over 100k daily brute-force attacks on RDP in pandemic lockdown

The number of daily brute-force attacks against Windows remote desktop service has almost doubled during the pandemic lockdown, telemetry data shows. With the increase of remote workers during the COVID-19 period, many users no longer relied on the infrastructure monitored by the company to access sensitive information on the network.

SEC warns off investment in iBSmartify Nigeria cryptocurrencies

The Securities and Exchange Commission (SEC) has warned investors away from dealing with iBSmartify Nigeria cryptocurrency offerings in an effort to clamp down on crypto-related scams and unregulated products. For many, the cryptocurrency sector is an innovative, interesting marketplace that can provide lucrative returns on the purchase of crypto, acting as an alternative market to traditional financial products.

Online Learning Platform Exposes Data on One Million Students

Over one million North American students have had their data exposed after a popular online learning platform left it in a publicly accessible cloud database, according to vpnMentor. Researchers from the firm claimed that the Elasticsearch database belonging to provider OneClass was left completely unsecured.

Roblox accounts being hacked in support of Trump reelection

A hacking campaign is targeting Roblox accounts to support President Trump in the upcoming U.S. Presidential elections in November. Roblox is an online gaming platform that allows members to create games and publish them for others to play. With over 100 million monthly active users and consistently in the top hundred sites globally, Roblox is an immensely popular gaming platform.

Seller floods hacker forum with data stolen from 14 companies

A data breach broker is selling databases containing user records for 14 different companies he claimed were breached by hackers in 2020. When a company is breached, threat actors will typically download accessible databases, including account records. These databases are then sold directly to other threat actors, or the hackers utilize data breach brokers to sell them on their behalf.

Round Up of Major Malware and Ransomware Incidents

At least 31 US Businesses targeted with WastedLocker Ransomware

The malicious code was first documented in a report by NCC Group researchers, and Symantec later published its own analysis. Security experts from Symantec reported that at least 31 organizations in the United States have been targeted with the recently discovered WastedLocker ransomware. According to the experts, the malware was developed by the Russian cybercrime crew known as Evil Corp.

Round Up of Major Vulnerabilities and Patches

Unpatched Wi-Fi Extender Opens Home Networks to Remote Control

A popular Wi-Fi extender for the home has multiple unpatched vulnerabilities, including the use of a weak, default password, according to researchers. Also, two of the bugs could allow complete remote control of the device. The flaws have been found in the Tenda PA6 Wi-Fi Powerline extender, version 1.0.1.21, which extends the wireless network throughout the house using HomePlug AV2 technology.

Driver Vulnerabilities Facilitate Attacks on ATMs, PoS Systems

Eclypsium last year analyzed device drivers from major vendors and found that over 40 drivers made by 20 companies contained serious vulnerabilities that could be exploited to deploy persistent malware. The firm now warns that the Windows drivers used in ATMs and PoS devices can be highly useful to threat actors targeting these types of systems.

US Cyber Command says foreign hackers will most likely exploit new PAN-OS security bug

US Cyber Command said today that foreign state-sponsored hacking groups are likely to exploit a major security bug disclosed today in PAN-OS, the operating system running on firewalls and enterprise VPN appliances from Palo Alto Networks. “Please patch all devices affected by CVE-2020-2021 immediately, especially if SAML is in use,” US Cyber Command said in a tweet today.

Developers leak benchmarks from the Apple silicon Mac transition kit

As reported by MacRumors, eager Apple developers are already posting benchmarks on the developer transition kits for Macs with Apple silicon. These kits are based on the Mac mini chassis but include ARM-derived Apple silicon rather than Intel CPUs. Before we dig in, it’s important to note a few caveats. First, the CPU included in these developer kits may or may not reflect the CPUs included in future Apple Macs.