Categories
Breach Cyber Security Data leak DDoS Hacking Ransomware Trojan Vulnerability

ShinyHunters offers 7.5M Dave.com users’ data, Hackers steal GitHub, GitLab tokens from Waydev, and more

Major cybersecurity events on 28th July 2020 (Evening Post): After being held hostage for a ransom of $10 million, Garmin resumes services to customers. The No More Ransom Project celebrates 4th anniversary, helps over 4.2 million visitors recover from a ransomware infection.

Round Up of Major Breaches and Scams

ShinyHunters Offers Stolen Data on Dark Web

Dave.com, a mobile banking company, announced on Friday that a hacker had exfiltrated data on more than 7.5 million users. While the company says that the hacker’s point of entry has been closed, the data has since been offered — free to paid users — on a hacking forum. The group or individual responsible for the attack is a data broker known as ShinyHunters. The threat actor has offered the Dave.com data in a dump that includes real names, phone numbers, emails, birth dates, and home addresses in cleartext.

American Insurer Charged Over Sustained Data Breach

A subsidiary of insurance company First American Financial Corp. has been charged by a New York regulator regarding a data breach that went on for several years. The New York State Department of Financial Service (DFS) filed charges on July 22 alleging that First American Title Insurance Co. exposed hundreds of millions of documents containing sensitive information. Data compromised in the breach included Social Security numbers and bank account information.

Hackers stole GitHub and GitLab OAuth tokens from Git analytics firm Waydev

Waydev, an analytics platform used by software companies, has disclosed a security breach earlier this month. The company says that hackers broke into its platform and stole GitHub and GitLab OAuth tokens from its internal database. Waydev, a San Francisco-based company, runs a platform that can be used to track software engineers’ work output by analyzing Git-based codebases. To do this, Waydev runs a special app listed on the GitHub and GitLab app stores.

Round Up of Major Malware and Ransomware Incidents

Ransomware attack on Garmin thought to be the work of ‘Evil Corp’

A ransomware attack that took the GPS and smartwatch business Garmin entirely offline for more than three days is believed to have been carried out by a Russian cybercriminal gang which calls itself “Evil Corp”. Garmin began to restore services to customers on Monday morning, after being held hostage for a reported ransom of $10m, although some services were still operating with limited functionality.

No More Ransom turns 4: Saves $632 million in ransomware payments

The No More Ransom Project celebrates its fourth anniversary today after helping over 4.2 million visitors recover from a ransomware infection and saving an estimated $632 million in ransom payments. No More Ransom was created in 2016 through an alliance between Europol’s European Cybercrime Centre, the National High Tech Crime Unit of the Netherlands’ police, McAfee, and Kaspersky to battle ransomware and provide free decryption services and support to victims.

Round Up of Major Vulnerabilities and Patches

FBI warns cyber actors abusing protocols as new DDoS attack vectors

The FBI issued an alert last week warning about the discovery of new network protocols that have been exploited to launch large-scale DDoS attacks. The Federal Bureau of Investigation sent an alert last week warning about large-scale distributed denial of service (DDoS) attacks that abused new network protocols. “Cyber actors’ abuse of built-in network protocols may enable DDoS amplification attacks to be carried out with limited resources and result in significant disruptions and impact on the targets” states the alert.

Cerberus banking Trojan team breaks up, source code goes to auction

The source code of the Android-based Cerberus banking Trojan is being auctioned off due to the break-up of the development team. As reported by Bleeping Computer, the malware’s maintainer recently posted an advert on an underground forum for Russian speakers offering the malware on a bidding basis, with the hopes of generating up to $100,000 from the sale.