NOW: Pensions suffers 3rd party data breach, “Joker’s Stash” servers seized by law enforcement, and more

Major cybersecurity events on 22nd December 2020 (Evening Post): Hackers break into US Treasury systems, steal essential encryption keys. CISA issues ICS Advisory for new vulnerabilities in Treck TCP/IP stack. Tech giants Microsoft, Google, Cisco support Facebook in case against spyware maker.

Round Up of Major Breaches and Scams

UK firm NOW: Pensions tells 1.7 million customers a ‘service partner’ leaked their data all over ‘public software forum’

Workplace pension provider NOW: Pensions has emailed its near 1.7 million UK customers to warn about a data leakage caused by contractor error. The email, seen by this publication, claims a service provider “unintentionally” posted user data to an unnamed “public software forum”. These records include biographical data (names, email addresses, and dates of birth) as well as National Insurance numbers. According to the pension provider, the data was obtained by “a small number” of third parties.

Law enforcement take down three bulletproof VPN providers

Law enforcement agencies from the US, Germany, France, Switzerland, and the Netherlands this week seized the web domains and server infrastructure of three VPN services that provided a safe haven for cybercriminals to attack their victims. The services have been active for more than a decade, are believed to be operated by the same individual/group, and have been heavily advertised on both Russian and English-speaking underground cybercrime forums, where they were sold for prices ranging from $1.3/day to $190/year.

Cyberattack Hit Key US Treasury Systems: Senator

Hackers broke into systems used by top US Treasury officials during a massive cyberattack on government agencies and may have stolen essential encryption keys, a senior lawmaker said Monday. Senator Ron Wyden, who sits on both the Senate Intelligence and Finance Committees, said after a closed-door briefing that the hack at the US Treasury Department “appears to be significant.”

Round Up of Major Malware and Ransomware Incidents

Servers of Carding Site “Joker’s Stash” Seized by Law Enforcement

The blockchain domains of Joker’s Stash, a popular underground marketplace for stolen payment card data, have been seized by law enforcement. On December 17, the shop’s website displayed an image claiming that the U.S. Federal Bureau of Investigation and Interpol had seized it. Joker’s Stash is an automated vending cart (AVC) that had several versions of the site up and running, including blockchain domains .bazar, .lib, .emc, and .coin, and two Tor (.onion) domains. The takedown attempt, Digital Shadows reports, only resulted in the .bazar domain becoming unavailable.

Tech Giants Support Facebook in Case Against Spyware Maker

Microsoft, Google, Cisco and a host of other tech giants have added their names to a legal filing supporting Facebook’s case against controversial spyware developer NSO Group. The social network took the Israeli firm to court after alleging that the latter exploited a vulnerability in WhatsApp which helped its clients spy on over 1400 users globally. It’s believed that the bug or similar ones may also have been used to help Saudi Arabian officials spy on murdered journalist Jamal Khashoggi and his former boss, Jeff Bezos.

Round Up of Major Vulnerabilities and Patches

CISA Issues ICS Advisory for New Vulnerabilities in Treck TCP/IP Stack

Security updates available for the Treck TCP/IP stack address two critical vulnerabilities leading to remote code execution or denial-of-service. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory to warn organizations using industrial control systems (ICS) about the risks posed by these flaws. A low-level TCP/IP software library, the Treck TCP/IP stack is specifically designed for embedded systems, featuring small critical sections and a small code footprint.

Patrick Wardle on Hackers Leveraging ‘Powerful’ iOS Bugs in High-Level Attacks

Noted Apple security expert Patrick Wardle discusses how cybercriminals are stepping up their game in targeting Apple users with new techniques and cyberattacks. A recently uncovered zero-click Apple zero-day flaw, used in a spyware campaign against Al Jazeera journalists, shed light this week on the impact of Apple security issues being abused by bad actors. In 2020, the security research community saw an array of “powerful” Apple bugs afflicting iOS, iPhone and more.