Round Up of Major Breaches and Scams
Data breaches have long been a problem for companies that store user data. At various times, they have resulted in highly confidential data being leaked, harming the reputation of the firm involved. One such incident has emerged again: the “Aspire News App” for Android, developed by a US-based non-profit, suffered a data breach, as reported by researchers from vpnMentor.
Noida-headquartered B2B ecommerce company IndiaMART said it is investigating the report by cybersecurity start-up CloudSEK which claimed that sensitive information of over 40K suppliers registered on IndiaMART was being sold on hacker forums. CloudSEK researcher Ashok Krishna discovered posts on two forums advertising a database of 43,920 suppliers registered on IndiaMART.
A new privacy feature in Apple iOS 14 sheds light on TikTok’s practice of reading iPhone users’ cut-and-paste data, even though the company said in March it would stop. Apple added a new banner alert to iOS 14 that lets users know if a mobile app is pasting from the clipboard and is thus able to read a user’s cut-and-paste data.
DeviceLock experts discovered a data leak of almost 5 million users in the Russian Federation, presumably from one of the employment portals. The database contains contact information and the last, first and middle names of users, said Ashot Hovhannisyan, founder and technical director of DeviceLock, a developer of data leakage control systems.
A database with information about several million users of the Telegram messenger appeared on one of the forums on the darknet. The data file is about 900 megabytes. The Telegram press service confirmed the existence of the database, explaining that information is collected through the built-in contact import function even when the user registers.
As the number of coronavirus cases in the Philippines steadily increased from mid-March to late May, the National Privacy Commission (NPC) had been investigating 22 complaints of privacy breaches involving more than 150 COVID-19 patients, as well as suspected and probable cases.
Round Up of Major Malware and Ransomware Incidents
Lion, a major supplier of beer and milk in Australia and New Zealand, revealed earlier this month that manufacturing processes and customer service were disrupted following a ransomware attack. In an update shared on June 26, the company said it restored many key systems at breweries and dairy and juice sites.
The University of California, San Francisco paid criminal hackers $1.14 million this month to resolve a ransomware attack. The hackers encrypted data on servers inside the school of medicine, the university said Friday. While researchers at UCSF are among those leading coronavirus-related antibody testing, the attack didn’t impede its Covid-19 work, it said.
The France Télévisions group announced Friday that it was the victim of a cyber attack that targeted one of its broadcasting sites. According to the group, the attack did not impact its antennae. The group confirmed that the broadcasting of France 3 will be transferred to the headquarters of France Télévisions. The company also activated the backup site in response to the incident.
The Australian government released an advisory late last week about increased cyber activity from a state actor against networks belonging to its agencies and companies in the country. Behind the attack is a “sophisticated” adversary that relies on slightly modified proof-of-concept exploit code for yesteryear vulnerabilities, the government says.
Round Up of Major Vulnerabilities and Patches
Researchers at IBM’s X-Force Red team have analyzed Tenda PA6 Wi-Fi powerline extenders, which are part of the company’s PH5 Powerline Extender Kit, and identified vulnerabilities that could allow attackers to take complete control of a device. Malicious actors could exploit the vulnerabilities to add a device to an IoT botnet and abuse it to launch DDoS attacks, move to other devices on the network, etc.
Microsoft has warned Exchange customers to patch their servers urgently after reporting a surge in attacks exploiting an Internet Information Services (IIS) vulnerability. That flaw, CVE-2020-0688, was patched in February, but attackers are still finding victims. With access to the targeted server, hackers often deploy a web shell to steal data or perform other malicious actions in the future.