
Social media firms on high alert against election misinformation, 1M Folksam records leaked to Google, and more

Major cybersecurity events on 4th November 2020 (Morning Post): Toy maker Mattel suffers ransomware attack crippling business functions. REvil ransomware group adds KPOT malware to its arsenal, acquires source code of Trojan in auction. RegretLocker ransomware targets Windows VM.

Round Up of Major Breaches and Scams

Social Media Firms on Alert for Election Day Misinformation

Social media firms remained on high alert Tuesday against Election Day misinformation and manipulation efforts as polling places began closing in the US and focus turned to tallying ballots. Aiming to avoid the problems that occurred in the 2016 campaign, Facebook, Twitter and Google-owned YouTube were implementing policies aimed at heading off the spread of false information designed to sway the outcome of the election.

US voters targeted with robocalls telling them to stay home or vote tomorrow

Voters across multiple US states have been targeted today by robocalls telling them to stay home or come vote tomorrow, on Wednesday, due to massive turnouts and long lines at voting stations. US citizens and authorities have reported robocall messages in nine states, including Florida, Georgia, Iowa, Kansas, Michigan, Nebraska, New York, New Hampshire, and North Carolina. In response to the reports, state officials took to social media today to dispel the misinformation shared in the robocalls, urging voters to vote in person by 8 PM ET today.

Folksam data breach leaks info of 1M Swedes to Google, Facebook, more

Folksam, one of the largest insurance companies in Sweden, today disclosed a data breach affecting around 1 million Swedes after sharing customers’ personal info with multiple technology giants. The insurer discovered the data breach after an internal audit according to Jens Wikström, Head of Marketing and Sales at Folksam, and reported the incident to the Swedish Data Protection Authority (Datainspektionen).

Two Charged in SIM Swapping, Vishing Scams

Two young men from the eastern United States have been hit with identity theft and conspiracy charges for allegedly stealing bitcoin and social media accounts by tricking employees at wireless phone companies into giving away credentials needed to remotely access and modify customer account information. Prosecutors say Jordan K. Milleson, 21, of Timonium, Md., and 19-year-old Kingston, Pa., resident Kyell A. Bryan hijacked social media and bitcoin accounts using a mix of voice phishing or “vishing” attacks and “SIM swapping.”

Round Up of Major Malware and Ransomware Incidents

Toy maker Mattel discloses ransomware attack

US toymaker Mattel revealed today that it suffered a ransomware attack that crippled some business functions, but the company says it recovered from the attack with no significant financial losses. The incident took place on July 28, according to a 10-Q quarterly form the company filed with the US Securities and Exchange Commission earlier today. Mattel said that the ransomware attack was initially successful and resulted in the encryption of some of its systems.

REvil ransomware gang ‘acquires’ KPOT malware

The operators of the REvil ransomware strain have “acquired” the source code of the KPOT trojan in an auction held on a hacker forum last month. The sale took place after the KPOT malware author decided to auction off the code, desiring to move off to other projects. The sale was organized as a public auction on a private underground hacking forum for Russian-speaking cyber-criminals, security researcher Pancak3 told ZDNet in an interview last month.

Fake COVID-19 test result email drops King Engine ransomware

“King Engine” ransomware is a variant of Hentai OniChan ransomware. According to Cofense Intelligence researchers, a new version of Hentai OniChan ransomware dubbed “King Engine” is being delivered in a Coronavirus-themed phishing campaign. The new variant exfiltrates data and demands a massive amount as ransom, which is significantly higher than previously discovered Hentai OniChan campaigns.

New RegretLocker ransomware targets Windows virtual machines

A new ransomware called RegretLocker uses a variety of advanced features that allow it to encrypt virtual hard drives and close open files for encryption. RegretLocker was discovered in October and is a simple ransomware in terms of appearance, as it does not contain a long-winded ransom note and uses email for communication rather than a Tor payment site.

Campari Group victim of a malware attack

Campari Group informs that, presumably on 1 November 2020, it was the subject of a malware attack (computer virus), which was promptly identified. The Group’s IT department, with the support of IT security experts, immediately took action to limit the spread of malware in data and systems. Therefore, the company has implemented a temporary suspension of IT services, as some systems have been isolated in order to allow their sanitization and gradual restart in safe conditions for a timely restoration of ordinary operations.

Blackbaud sued in 23 class action lawsuits after ransomware attack

Leading cloud software provider Blackbaud has been sued in 23 proposed consumer class action cases in the U.S. and Canada related to the ransomware attack that the company suffered in May 2020. Blackbaud has operations in countries around the world including the United States, the United Kingdom, Australia, and Canada. The ransomware attack directly responsible for the software provider being sued was disclosed by the company on July 16, 2020.

Round Up of Major Vulnerabilities and Patches

Google Patches 30 Vulnerabilities With November 2020 Android Updates

Google this week announced the availability of a new set of monthly patches for the Android operating system, containing fixes for a total of 30 vulnerabilities. The first part of the update, the 2020-11-01 security patch level, addresses a total of 17 vulnerabilities in the Android runtime, Framework, Media Framework, and System components. The most serious of the flaws is CVE-2020-0449, a critical bug in System that could be exploited to execute code remotely. The issue impacts Android 8.0, 8.1, 9, 10, and 11.

HBO Max quietly restored service to Linux users

You may be able to stream HBO Max on Linux platforms, though it is not officially supported for HBO Max at this time. For supported browsers and devices, see HBO Max supported devices or visit the HBO Max Help Center for additional support. In August, HBO broke its customers’ access to the HBO Max streaming service by cranking up the settings on its Widevine DRM service—most likely by enabling a Verified Media Path requirement.

Adobe addressed 4 critical vulnerabilities in Acrobat products

Adobe has addressed 14 vulnerabilities in its Acrobat products, including critical flaws that can be exploited by attackers for arbitrary code execution. The vulnerabilities impact the Windows and macOS versions of Acrobat DC, Acrobat Reader DC, Acrobat 2020, Acrobat Reader 2020, Acrobat 2017, and Acrobat Reader 2017.