Round Up of Major Breaches and Scams
The massive state-sponsored espionage campaign that compromised software maker SolarWinds also targeted Microsoft, as the unfolding investigation into the hacking spree reveals the incident may have been far more wider in scope, sophistication, and impact than previously thought. News of Microsoft’s compromise was first reported by Reuters, which also said the company’s own products were then used to strike other victims by leveraging its cloud offerings, citing people familiar with the matter.
Another business associate under HIPAA has disclosed a breach. You may not recognize their name, but they may handle your medical group’s billing or other functions, so if you get a letter from “MEDNAX,” don’t just assume it’s a scam. Florida-headquartered MEDNAX Services, Inc provides revenue cycle management and other administrative services to physician groups.
No charges for Dutch ethical hacker Victor Gevers who prosecutors say did actually access Trump’s Twitter account by guessing his password, “MAGA2020!” last October. When Dutch ethical hacker Victor Gevers tried to alert Secret Service that he was able to guess the password to President Donald Trump’s Twitter handle last October, there were plenty of skeptics, most notably at the White House. Now, Dutch prosecutors have determined Gevers did, in fact, guess the password to the world’s most powerful Twitter account.
Renewable electricity and gas supplier People’s Energy has told its 250,000-plus customers that a “gap” in the security of its IT system was exploited by digital burglars. The British company’s co-founders Karin Sode and David Pike wrote to customers on Thursday morning to confirm that “yesterday People’s Energy was affected by a cyber security data breach.” “No financial information, bank account details, or People’s Energy online account passwords have been compromised for any domestic customers. However, some personal detailed were accessed,” the email, mirrored on its website, stated.
An Emirati website has leaked the personal information of thousands of Israelis who used it for planning their trip to Dubai, the N12 news site reported Thursday. The Dubai-based website Sharaf Travels was used by many Israelis who took the exciting opportunity to vacation in Dubai, as new Middle East destinations traditionally closed to Israeli tourists become available.
Seems like Twitter’s is ending 2020 on a bitter note! From multiple data breaches to a series of celebrity account hacks, the social networking giant suffered multiple challenges in 2020. And the latest fine from Ireland’s data regular adds to its woes. On December 15, the Irish Data Protection Commission (DPC) fined Twitter €450,000 ($547,000) as an “effective, proportionate, and dissuasive measure” for a data breach that occurred in January 2019. The data leak was a result of a vulnerability that made users’ private tweets public.
Round Up of Major Malware and Ransomware Incidents
Malware hidden in 28 third-party extensions for Google Chrome and Microsoft Edge redirects users to ads or phishing sites, Avast warned this week. Distributed through official app stores, the extensions appear to have been downloaded by approximately 3 million people. The extensions were apparently designed to help users download videos from some of the most popular platforms out there, including Facebook, Vimeo, Instagram, VK, and others.
Round Up of Major Vulnerabilities and Patches
A severe authentication bypass vulnerability has been reported in Bouncy Castle, a popular open-source cryptography library. When exploited, the vulnerability (CVE-2020-28052) can allow an attacker to gain access to user or administrator accounts due to a cryptographic weakness in the way passwords are checked. Bouncy Castle is a set of cryptography APIs used by both Java and C#/.NET developers building security applications who’d rather not worry about rolling their own cryptographic algorithms.
A critical unrestricted file upload bug in Contact Form 7 allows an unauthenticated visitor to take over a site running the plugin. A patch for the popular WordPress plugin called Contact Form 7 was released Thursday. It fixes a critical bug that allows an unauthenticated adversary to takeover a website running the plugin or possibly hijack the entire server hosting the site. The patch comes in the form of a 5.3.2 version update to the Contact Form 7 plugin.
A vulnerability has been discovered in Hewlett Packard Enterprise (HPE) Systems Insight Management (SIM) which could allow for remote code execution. HPE SIM is a management and remote support automation solution for multiple HPE servers, storage, and networking products. Successful exploitation of this vulnerability could allow for remote code execution. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.