Categories
APT Botnet Breach Bug CVE Cyber Security Data leak Emotet Hacking Malware Phishing Ransomware TrickBot Vulnerability

Threat actors abuse Office 365 capabilities, Broadvoice data leak exposes 350M customer records, and more

Major cybersecurity events on 15th October 2020 (Evening Post): Twitter hackers trick employees by posing as IT workers to steal login credentials. After backlash over false marketing Zoom rolls out end-to-end encryption next week. TikTok announces global bug bounty program amidst court battle with U.S.

Round Up of Major Breaches and Scams

Barnes & Noble Informs Customers of Cyberattack

Bookselling giant Barnes & Noble has sent email notifications to its customers to inform them of a recent cyberattack. A Fortune 1000 company, Barnes & Noble is the bookseller with the largest number of retail outlets in the United States. The company is also known for the NOOK e-readers and for the collection of e-books it offers for the device. In the email to its users, Barnes & Noble revealed that it discovered the breach and that unauthorized actors managed to access certain corporate systems, likely compromising some user information.

Microsoft Office 365 Accounts a Big Target for Attackers

Just as they did with PowerShell for Windows, threat actors are abusing native O365 capabilities for lateral movement, command-and-control communication, and other malicious activity. With more than 258 million active users users per month, Microsoft’s Office 365 environment — like several other Microsoft technologies — has become a popular target for attackers.

Broadvoice Leak Exposes 350M Records, Personal Voicemail Transcripts

Companies that use Broadvoice’s cloud-based VoIP platform may find their patients, customers, suppliers and partners to be impacted by a massive data exposure. Broadvoice, a well-known VoIP provider that serves small- and medium-sized businesses, has leaked more than 350 million customer records related to the company’s “b-hive” cloud-based communications suite. The data includes hundreds of thousands of voicemail transcripts, many involving sensitive information such as details about medical prescriptions and financial loans.

QR code scams are making a comeback

With QR codes being used more as a means to help create a COVID-19 proof environment, we’re also seeing a comeback of QR codes scams. Just when we thought the QR code was on its way out, the pandemic has led to a return of the scannable shortcut. COVID-19 has meant finding a digital equivalent to things normally handed out physically, like menus, tour guides, and other paperwork, and many organizations have adopted the QR code to help with this. And so, it would seem, have criminals.

Twitter hackers trick employees by posing as IT workers, NY probe finds

A simple phone scam was the key first step in a Twitter hack that took over dozens of high-profile accounts this summer, New York regulators say. The hackers responsible for the July 15 attack called Twitter employees posing as company IT workers and tricked them into giving up their login credentials for the social network’s internal tools, the state’s Department of Financial Services said Wednesday.

Round Up of Major Malware and Ransomware Incidents

US Cyber Command and Microsoft Are Both Disrupting TrickBot

Earlier this month, we learned that someone is disrupting the TrickBot botnet network. Over the past 10 days, someone has been launching a series of coordinated attacks designed to disrupt Trickbot, an enormous collection of more than two million malware-infected Windows PCs that are constantly being harvested for financial data and are often used as the entry point for deploying ransomware within compromised organizations. On Sept. 22, someone pushed out a new configuration file to Windows computers currently infected with Trickbot.

Round Up of Major Vulnerabilities and Patches

 Zoom Rolls Out End-to-End Encryption After Setbacks

After backlash over false marketing around its encryption policies, Zoom will finally roll out end-to-end encryption next week. Video-conferencing giant Zoom is rolling out a technical preview of its end-to-end encryption (E2EE) next week. Zoom has faced various controversies around its encryption policies over the past year, including several lawsuits alleging that the company falsely told users that it offers full encryption. Then, the platform came under fire in May when it announced that it would indeed offer E2EE — but to paid users only.

SAP Patches Critical Vulnerability in CA Introscope Enterprise Manager

The updates released by SAP for October 2020 include 15 Security Notes, including one that addresses a critical vulnerability. Six previously released Patch Day Security Notes were updated. Featuring a CVSS score of 10, the critical flaw is an OS command injection vulnerability that affects CA Introscope Enterprise Manager version 10.7.0.304 or lower (impacted products include Solution Manager and Focused Run). The bug is tracked as CVE-2020-6364.

TikTok unveils bug bounty program, scraps with US government in court over looming ban

TikTok announced a global bug bounty program Thursday amid an ongoing court battle to continue operating in the U.S. The program, a partnership with HackerOne, is an expansion of a more limited vulnerability disclosure program for the popular video-sharing app. “This partnership will help us to gain insight from the world’s top security researchers, academic scholars and independent experts to better uncover potential threats and make our security defenses even stronger,” TikTok wrote in a blog post.