APT Breach Cyber Security Malware Phishing Ransomware RAT Trojan Vulnerability

Nippon Communications and Minted disclose breach, Octopus Scanner malware infects GitHub NetBeans repos, and more

Major cybersecurity events on 29th May 2020 (Evening Post): Cyber criminals masquerade as Google, target remote workers. Hackers exploit flaws in SaltStack to get to Cisco servers. Hackers sell 5 million user records on dark web; Minted discloses data breach.

Round Up of Major Breaches and Scams

Fortune 500 company NTT discloses security breach

Nippon Telegraph & Telephone (NTT), the 64th biggest company in the world, according to the Fortune 500 list, has disclosed today a security breach. NTT says hackers gained access to its internal network and stole information on 621 customers from its communications subsidiary, NTT Communications, the largest telecommunications company in Japan, and one of the biggest worldwide.

Minted discloses data breach after 5M user records sold online

Minted, a US-based marketplace for independent artists, has disclosed a data breach after a hacker sold a database containing 5 million user records on a dark web marketplace. Minted is an online marketplace that allows independent artists to submit their art, which is then voted on by the Minted community. The winning submissions are then sold as art, home décor, and stationery to consumers.

Cyber-Criminals Impersonating Google to Target Remote Workers

Remote workers have been targeted by up to 65,000 Google-branded cyber-attacks during the first four months of 2020, according to a new report by Barracuda Networks. The study found that Google file sharing and storage websites were used in 65% of nearly 100,000 form-based attacks the security firm detected in this period.

Researchers Unmask Brazilian Hacker Who Attacked Thousands of Websites

Check Point told SecurityWeek that it informed law enforcement about its findings in October 2019, but the hacker continued to be active up until May 2020. VandaTheGod, who is also known online as Vanda de Assis and SH1N1NG4M3, appears to have been active since 2013 and claims to be associated with the Brazilian Cyber Army, which describes itself as an “ethical hacking group.”

Round Up of Major Malware and Ransomware Incidents

Industrial Suppliers in Japan, Europe Targeted in Sophisticated Attacks

The first attacks were spotted in early 2020 and, as of early May, Kaspersky has seen targeted organizations in Japan, Italy, Germany and the UK. The cybersecurity firm says the targets supply equipment and software for industrial organizations, particularly for the energy sector. Kaspersky said its products blocked the malware in each of the attacks it observed, and the company currently does not know what the hackers’ goals are.

New Octopus Scanner malware spreads via GitHub supply chain attack

The malware dubbed Octopus Scanner by researchers at the GitHub Security Lab compromises developers’ computers by infecting their NetBeans repositories after planting malicious payloads within JAR binaries, project files and dependencies, later spreading to downstream development systems.

Round Up of Major Vulnerabilities and Patches

 Hackers Compromise Cisco Servers Via SaltStack Flaws

Cisco said attackers have been able to compromise its servers after exploiting two known, critical SaltStack vulnerabilities. The flaws exist in the open-source Salt management framework, which are used in Cisco network-tooling products. Two Cisco products incorporate a version of SaltStack that is running the vulnerable salt-master service.

200K sites with buggy WordPress plugin exposed to wipe attacks

Two high severity security vulnerabilities found in the PageLayer plugin can let attackers to potentially wipe the contents or take over WordPress sites using vulnerable plugin versions. PageLayer is a WordPress plugin with over 200,000+ active installations according to numbers available on its Wordpress plugins repository entry. It can help users without developer or designer skills to build web pages using a browser-based drag-and-drop real-time editor.