Round Up of Major Breaches and Scams
Dave.com, a mobile banking company, announced on Friday that a hacker had exfiltrated data on more than 7.5 million users. While the company says that the hacker’s point of entry has been closed, the data has since been offered — free to paid users — on a hacking forum. The group or individual responsible for the attack is a data broker known as ShinyHunters. The threat actor has offered the Dave.com data in a dump that includes real names, phone numbers, emails, birth dates, and home addresses in cleartext.
A subsidiary of insurance company First American Financial Corp. has been charged by a New York regulator over a data breach that went on for several years. The New York State Department of Financial Services (DFS) filed charges on July 22 alleging that First American Title Insurance Co. exposed hundreds of millions of documents containing sensitive information. Data compromised in the breach included Social Security numbers and bank account information.
Waydev, an analytics platform used by software companies, disclosed a security breach earlier this month. The company says that hackers broke into its platform and stole GitHub and GitLab OAuth tokens from its internal database. Waydev, a San Francisco-based company, runs a platform that can be used to track software engineers’ work output by analyzing Git-based codebases. To do this, Waydev runs a special app listed on the GitHub and GitLab app stores.
Round Up of Major Malware and Ransomware Incidents
A ransomware attack that took the GPS and smartwatch business Garmin entirely offline for more than three days is believed to have been carried out by a Russian cybercriminal gang which calls itself “Evil Corp”. Garmin began to restore services to customers on Monday morning, after being held hostage for a reported ransom of $10m, although some services were still operating with limited functionality.
The No More Ransom Project celebrates its fourth anniversary today after helping over 4.2 million visitors recover from a ransomware infection and saving an estimated $632 million in ransom payments. No More Ransom was created in 2016 through an alliance between Europol’s European Cybercrime Centre, the National High Tech Crime Unit of the Netherlands’ police, McAfee, and Kaspersky to battle ransomware and provide free decryption services and support to victims.
Round Up of Major Vulnerabilities and Patches
The Federal Bureau of Investigation (FBI) issued an alert last week warning that new network protocols have been abused to launch large-scale distributed denial of service (DDoS) attacks. “Cyber actors’ abuse of built-in network protocols may enable DDoS amplification attacks to be carried out with limited resources and result in significant disruptions and impact on the targets,” states the alert.
The source code of the Android-based Cerberus banking Trojan is being auctioned off due to the break-up of the development team. As reported by Bleeping Computer, the malware’s maintainer recently posted an advert on an underground forum for Russian speakers offering the malware on a bidding basis, with the hopes of generating up to $100,000 from the sale.