Round Up of Major Breaches and Scams
Bookselling giant Barnes & Noble has sent email notifications to its customers to inform them of a recent cyberattack. A Fortune 1000 company, Barnes & Noble is the bookseller with the largest number of retail outlets in the United States. The company is also known for the NOOK e-readers and for the collection of e-books it offers for the device. In the email to its users, Barnes & Noble revealed that it discovered the breach and that unauthorized actors managed to access certain corporate systems, likely compromising some user information.
Just as they did with PowerShell for Windows, threat actors are abusing native O365 capabilities for lateral movement, command-and-control communication, and other malicious activity. With more than 258 million active users per month, Microsoft’s Office 365 environment — like several other Microsoft technologies — has become a popular target for attackers.
Companies that use Broadvoice’s cloud-based VoIP platform may find their patients, customers, suppliers and partners to be impacted by a massive data exposure. Broadvoice, a well-known VoIP provider that serves small- and medium-sized businesses, has leaked more than 350 million customer records related to the company’s “b-hive” cloud-based communications suite. The data includes hundreds of thousands of voicemail transcripts, many involving sensitive information such as details about medical prescriptions and financial loans.
With QR codes being used more as a means to help create a COVID-19 proof environment, we’re also seeing a comeback of QR code scams. Just when we thought the QR code was on its way out, the pandemic has led to a return of the scannable shortcut. COVID-19 has meant finding a digital equivalent to things normally handed out physically, like menus, tour guides, and other paperwork, and many organizations have adopted the QR code to help with this. And so, it would seem, have criminals.
A simple phone scam was the key first step in a Twitter hack that took over dozens of high-profile accounts this summer, New York regulators say. The hackers responsible for the July 15 attack called Twitter employees posing as company IT workers and tricked them into giving up their login credentials for the social network’s internal tools, the state’s Department of Financial Services said Wednesday.
Round Up of Major Malware and Ransomware Incidents
Earlier this month, we learned that someone is disrupting the TrickBot botnet network. Over the past 10 days, someone has been launching a series of coordinated attacks designed to disrupt Trickbot, an enormous collection of more than two million malware-infected Windows PCs that are constantly being harvested for financial data and are often used as the entry point for deploying ransomware within compromised organizations. On Sept. 22, someone pushed out a new configuration file to Windows computers currently infected with Trickbot.
Round Up of Major Vulnerabilities and Patches
After backlash over false marketing around its encryption policies, Zoom will finally roll out end-to-end encryption next week. Video-conferencing giant Zoom is rolling out a technical preview of its end-to-end encryption (E2EE) next week. Zoom has faced various controversies around its encryption policies over the past year, including several lawsuits alleging that the company falsely told users that it offers full encryption. Then, the platform came under fire in May when it announced that it would indeed offer E2EE — but to paid users only.
The updates released by SAP for October 2020 include 15 Security Notes, including one that addresses a critical vulnerability. Six previously released Patch Day Security Notes were updated. Featuring a CVSS score of 10, the critical flaw is an OS command injection vulnerability that affects CA Introscope Enterprise Manager version 10.7.0.304 or lower (impacted products include Solution Manager and Focused Run). The bug is tracked as CVE-2020-6364.
TikTok announced a global bug bounty program Thursday amid an ongoing court battle to continue operating in the U.S. The program, a partnership with HackerOne, is an expansion of a more limited vulnerability disclosure program for the popular video-sharing app. “This partnership will help us to gain insight from the world’s top security researchers, academic scholars and independent experts to better uncover potential threats and make our security defenses even stronger,” TikTok wrote in a blog post.