
ProctorU confirms breach after data leaked online, Subreddits vandalized with pro-Trump messages, and more

Major cybersecurity events on 10th August 2020 (Evening Post): New evasive Magecart phishing attacks leverage modified favicon to inject e-skimmers, steal payment card data. Maze group claims responsibility for a ransomware attack targeted at Canon.

Round Up of Major Breaches and Scams

ProctorU confirms data breach after database leaked online

Online exam proctoring solution ProctorU has confirmed a data breach after a threat actor released a stolen database of user records on a hacker forum. ProctorU is a proctoring service used by companies and colleges to monitor online tests for cheating. Using installed software, webcams, and the computer’s microphone, ProctorU will monitor a test taker for behavior indicative of cheating. If cheating is suspected, the proctor can ask the student to show them parts of their room with their webcam to ensure that cheating is not taking place.

Hackers Vandalize Communities With Pro-Trump MAGA Messages

Reddit got Trumped. On Friday, many users visited their favorite subreddits and found something unexpected: pro-Donald Trump Make America Great Again campaign banners and messages supporting the president. It was not a coincidence. Weeks after Twitter suffered an embarrassing hack that compromised influential accounts, attackers took aim at Reddit on Friday, specifically at a number of popular and high-profile subreddit communities, such as r/space, r/food, r/Japan, r/nfl, r/cfb and r/podcasts, among many others.

Fake security advisory used in clever cPanel phishing attack

A clever phishing scam is targeting cPanel users with a fake security advisory alerting them to critical vulnerabilities in their web hosting management panel. cPanel is administrative software commonly installed on shared web hosting services that allows website owners to easily administer their site through a graphical user interface. Starting on Wednesday, cPanel and WebHost Manager (WHM) users began reporting a targeted phishing email campaign with an email subject of “cPanel Urgent Update Request” that was pretending to be a security advisory from the company.

Round Up of Major Malware and Ransomware Incidents

Homoglyph attacks used in phishing campaign and Magecart attacks

Researchers detailed a new evasive phishing technique that leverages modified favicons to inject e-skimmers and steal payment card data covertly. Researchers from cybersecurity firm Malwarebytes have analyzed a new evasive phishing technique used by attackers in the wild in Magecart attacks. The hackers targeted visitors of several sites using typo-squatted domain names, and modified favicons to inject software skimmers used to steal payment card information.

Canon suffers ransomware attack, Maze claims responsibility

A reported ransomware attack suffered by Canon appears to have been confirmed by an internal memo, with Maze threat actors taking the credit. As reported by Bleeping Computer, a six-day outage beginning July 30 on the image.canon website, a service for uploading and storing photos through Canon’s mobile applications, led to suspicions that a cyberattack may have taken place.

Round Up of Major Vulnerabilities and Patches

All you need to hijack a Mac is an old Office document and a .zip file

A sequence of interconnected bugs could allow hackers to hijack devices running on macOS using little more than an infected Office document and a .zip file, an expert has warned. The vulnerability was identified by ex-NSA researcher Patrick Wardle, now working for security firm Jamf, who found that even fully-patched macOS Catalina systems were at risk. The exploit uses a rigged Office document, saved in an archaic format (.slk), to trick the target machine into allowing Office to activate macros without consent and without notifying the user.

Flaws Could Have Exposed Cryptocurrency Exchanges to Hackers

Most people use either an app, an online platform, or a small hardware device as a wallet to store their cryptocurrency safely. The exchanges through which cryptocurrency changes hands, though, and other high-stakes operations need something more like a massive digital bank vault. At the Black Hat security conference on Thursday, researchers detailed potential weaknesses in these specially secured wallet schemes, including some that affected real exchanges that have now been fixed.

Bugs in HDL Automation expose IoT devices to remote hijacking

A security researcher discovered vulnerabilities in an automation system for smart homes and buildings that allowed taking over accounts belonging to other users and controlling associated devices. In a presentation on Saturday at the IoT Village during the DEF CON hacker conference, Barak Sternberg showed how some weak spots in the HDL automation system could have been leveraged by attackers to fully compromise it.

Satellite Internet connections can easily be intercepted by hackers

James Pavur, the author of the research, found that hackers can target satellites with merely a $300 device. Black Hat USA 2020 took place from 1 to 6 August and brought rather interesting yet unnerving cybersecurity briefings from experts and professionals alike. A recently published press release explains how threat actors can intercept internet traffic even if they are a continent away.

TeamViewer fixes bug that lets attackers access your PC

Popular remote access and troubleshooting app TeamViewer has patched a vulnerability that could let attackers quietly establish a connection to your computer and further exploit the system. When successfully exploited, this bug would let an unauthenticated, remote actor execute code on your Windows PC, or obtain password hashes (e.g., for cracking via brute-force). Assigned CVE-2020-13699, the high-severity bug falls under a special category of security vulnerabilities, dubbed Unquoted Search Path or Element (CWE-428).