Round Up of Major Breaches and Scams
Ohioans’ personal info exposed in pandemic unemployment data breach, ODJFS says
The personal information of Ohioans receiving pandemic unemployment assistance was recently exposed to a data breach, according to Ohio Department of Jobs and Family Services. The information reportedly included names, Social Security numbers and street addresses.
Crooks Tap Google Firebase in Fresh Phishing Tactic
A series of phishing campaigns using Google Firebase storage URLs have surfaced, showing that cybercriminals continue to leverage the reputation of Google’s cloud infrastructure to dupe victims and skate by secure email gateways.
BlockFi discloses failed hack attempt after SIM swapping incident
Cryptocurrency trading platform BlockFi disclosed this week a security incident during which a hacker attempted and failed to steal funds from the company’s users. The attack took place last week, on May 14, BlockFi said in a post-mortem report [PDF] published on Tuesday.
Round Up of Major Malware and Ransomware Incidents
Winnti Group Targets Video Game Developers with New Backdoor Malware
Researchers from ESET have discovered a new modular backdoor used by the Winnti Group to target several video game companies that develop MMO (massively multiplayer online) games. As explained in a blog post, the malware, dubbed ‘PipeMon’ by ESET, targeted companies in South Korea and Taiwan.
Iran-linked Chafer APT group targets governments in Kuwait and Saudi Arabia
Cybersecurity researchers from Bitdefender published a detailed report on an Iranian cyber espionage campaign directed against critical infrastructures in Kuwait and Saudi Arabia. The cyber espionage campaigns were carried out by Iran-linked Chafer APT (also known as APT39 or Remix Kitten).
Round Up of Major Vulnerabilities and Patches
XSS, Open Redirect Vulnerabilities Patched in Drupal
Drupal 7.70 fixes an open redirect vulnerability related to “insufficient validation of the destination query parameter in the drupal_goto() function.” An attacker can exploit the flaw to redirect users to an arbitrary URL by getting them to click on a specially crafted link, Drupal said in its advisory.
Thousands of Israeli sites defaced with code seeking permission to access users’ webcams
Thousands of Israeli websites have been defaced earlier today to show an anti-Israeli message and with malicious code seeking permission to access visitors’ webcams. More than 2,000 websites are believed to have been defaced. Most of the websites were hosted on uPress, a local Israeli WordPress hosting service.