Round Up of Major Breaches and Scams
Nippon Telegraph & Telephone (NTT), the 64th biggest company in the world, according to the Fortune 500 list, has disclosed today a security breach. NTT says hackers gained access to its internal network and stole information on 621 customers from its communications subsidiary, NTT Communications, the largest telecommunications company in Japan, and one of the biggest worldwide.
Minted, a US-based marketplace for independent artists, has disclosed a data breach after a hacker sold a database containing 5 million user records on a dark web marketplace. Minted is an online marketplace that allows independent artists to submit their art, which is then voted on by the Minted community. The winning submissions are then sold as art, home décor, and stationery to consumers.
Remote workers have been targeted by up to 65,000 Google-branded cyber-attacks during the first four months of 2020, according to a new report by Barracuda Networks. The study found that Google file sharing and storage websites were used in 65% of nearly 100,000 form-based attacks the security firm detected in this period.
Check Point told SecurityWeek that it informed law enforcement about its findings in October 2019, but the hacker continued to be active up until May 2020. VandaTheGod, who is also known online as Vanda de Assis and SH1N1NG4M3, appears to have been active since 2013 and claims to be associated with the Brazilian Cyber Army, which describes itself as an “ethical hacking group.”
Round Up of Major Malware and Ransomware Incidents
The first attacks were spotted in early 2020 and, as of early May, Kaspersky has seen targeted organizations in Japan, Italy, Germany and the UK. The cybersecurity firm says the targets supply equipment and software for industrial organizations, particularly for the energy sector. Kaspersky said its products blocked the malware in each of the attacks it observed, and the company currently does not know what the hackers’ goals are.
The malware dubbed Octopus Scanner by researchers at the GitHub Security Lab compromises developers’ computers by infecting their NetBeans repositories after planting malicious payloads within JAR binaries, project files and dependencies, later spreading to downstream development systems.
Round Up of Major Vulnerabilities and Patches
Cisco said attackers have been able to compromise its servers after exploiting two known, critical SaltStack vulnerabilities. The flaws exist in the open-source Salt management framework, which are used in Cisco network-tooling products. Two Cisco products incorporate a version of SaltStack that is running the vulnerable salt-master service.
Two high severity security vulnerabilities found in the PageLayer plugin can let attackers to potentially wipe the contents or take over WordPress sites using vulnerable plugin versions. PageLayer is a WordPress plugin with over 200,000+ active installations according to numbers available on its Wordpress plugins repository entry. It can help users without developer or designer skills to build web pages using a browser-based drag-and-drop real-time editor.