
Tesla user data sold on eBay, Aarogya Setu denies data breach of 90M Indians, 22M Unacademy user data sold after data breach, and more

Major cybersecurity events on 6th May 2020: 44 million Pakistani mobile users’ data leaked online. Microsoft’s GitHub account hacked, 500 GB of data stolen. Hackers impersonate financial NGO to steal Microsoft SharePoint, Office credentials. Snake ransomware targets healthcare among other businesses.

Round Up of Major Breaches and Scams

Sensitive user data found in Tesla car parts sold on eBay

It started when Green discovered discarded infotainment components available for sale on eBay, which is nothing out of the ordinary. What makes this concerning, however, is that Tesla didn’t delete the stored user data from the components.

Aarogya Setu says ‘no data, security breach’ after hacker claims data of 90 million Indians at stake

The official handle of Aarogya Setu, the contact-tracing app developed by the National Informatics Centre (NIC) under the Ministry of Electronics and Information Technology, asserted late on Tuesday that “no data or security breach had been identified” in the app.

Details of 44m Pakistani mobile users leaked online, part of bigger 115m cache

The details of 44 million Pakistani mobile subscribers have leaked online this week, ZDNet has learned. The leak comes after a hacker tried to sell a package containing 115 million Pakistani mobile user records last month for a price of $2.1 million in bitcoin.

Microsoft’s GitHub account allegedly hacked, 500GB stolen

A hacker claims to have stolen over 500GB of data from Microsoft’s private GitHub repositories, BleepingComputer has learned. This evening, a hacker going by the name Shiny Hunters contacted BleepingComputer to tell us they had hacked into the Microsoft GitHub account, gaining full access to the software giant’s ‘Private’ repositories.

Cisco Webex phishing uses fake cert errors to steal credentials

A highly convincing series of phishing attacks is using fake certificate error warnings with graphics and formatting lifted from Cisco Webex emails to steal users’ account credentials. Cisco Webex is a video and team collaboration solution that helps users set up video conferences, webinars, and online meetings, and share their screens with their colleagues and friends. The platform is currently facing an influx of new users due to the unusual remote working increase caused by the COVID-19 pandemic.

Hackers use website favicon to camouflage credit card skimmer

Hackers have created and used a fake icon portal to host and load a JavaScript web skimmer camouflaged as a favicon onto compromised e-commerce portals to steal their customers’ credit card and personal information.

Hacker sells 22 million Unacademy user records after data breach

Online learning platform Unacademy has suffered a data breach after a hacker gained access to their database and started selling the account information for close to 22 million users. Unacademy is one of India’s largest online learning platforms boasting 14K teachers, over a million video lessons, and over 20 million registered users (learners).

Attackers Claim Identity of Financial NGO to Steal SharePoint, Office Credentials

A new phishing campaign is targeting investment brokers with fraudulent emails aimed at stealing their Microsoft SharePoint and Office credentials, by invoking the identity of a credible financial regulatory organization.

Round Up of Major Malware and Ransomware Incidents

Europe’s Largest Private Hospital Operator Fresenius Hit by Ransomware

Fresenius, Europe’s largest private hospital operator and a major provider of dialysis products and services that are in such high demand thanks to the COVID-19 pandemic, has been hit by a ransomware attack on its technology systems. The company said the incident has limited some of its operations, but that patient care continues.

Lazarus Group Hides macOS Spyware in 2FA Application

The North Korea-linked cyberthreat group known as Lazarus Group has added a new variant of the Dacls remote-access trojan (RAT) to its arsenal of spy gear, designed specifically for the Mac operating system.

Large scale Snake Ransomware campaign targets healthcare, more

The operators of the Snake Ransomware have launched a worldwide campaign of cyberattacks that have infected numerous businesses and at least one health care organization over the last few days. This past January, BleepingComputer reported on the new Snake ransomware that was targeting enterprise networks.

How hackers are updating the EVILNUM malware to target the global financial sector

Since at least February 2019, the hackers, who have begun impersonating CEOs and banks in their lure documents, have introduced at least seven updates to the malicious software known as EVILNUM, which enables attackers to upload and download files, harvest tracking cookies, and run arbitrary commands.

Round Up of Major Vulnerabilities and Patches

Samsung patches 0-click vulnerability impacting all smartphones sold since 2014

South Korean smartphone vendor Samsung released this week a security update to fix a critical vulnerability impacting all smartphones sold since 2014. The security flaw resides in how the Android OS flavor running on Samsung devices handles the custom Qmage image format (.qmg), which Samsung smartphones started supporting on all devices released since late 2014.

Search provider Algolia discloses security incident due to Salt vulnerability

Search service Algolia said it suffered a security breach over the weekend after hackers exploited a well-known vulnerability in the Salt server configuration software to gain access to its infrastructure. The company said the hackers installed a backdoor and a cryptocurrency miner on a small number of its servers, but that the incident did not impact its operations in any significant way.

Firefox 76 Brings Security Patches, Breached Password Alerts

Mozilla this week released Firefox 76 to the stable channel with an updated password manager, alerts for breached passwords, and patches for 11 vulnerabilities. Starting with the new release, the browser aims to help users better keep their accounts secure and easily generate strong passwords, courtesy of the new Firefox Lockwise password manager.

Two Popular VPNs Exposed Users to Attacks Via Fake Updates

VPNpro, a company that specializes in analyzing and comparing VPN services, analyzed the 20 most popular VPNs to see which of them allow attackers to intercept communications and push fake updates.