Round Up of Major Breaches and Scams
Social networking giant Twitter disclosed today three new state-linked information operations that have taken place on its platform this year. As a result of its investigation, Twitter said it banned and removed 32,242 accounts that were part of networks operated out of China, Russia, and Turkey, all three pushing local political agendas and narratives, and associated with state-sponsored entities.
There is no indication patients’ information has been misused, according to MU Health Care. It is providing complimentary credit monitoring services to those whose Social Security numbers were compromised, and is implementing additional security measures to its email protocol, the release states.
Researchers from Citizen Lab uncovered the operations of a hack-for-hire group tracked as Dark Basin that targeted thousands of journalists, elected and senior government officials, advocacy groups, and hedge funds worldwide over 7 years. Dark Basin is a group of cyber mercenaries that conducted commercial espionage for its customers.
Round Up of Major Malware and Ransomware Incidents
Cisco Talos has identified a resurgence of activity by Tor2Mine, a cryptocurrency mining group that was likely last active in 2018. Tor2Mine is deploying additional malware to harvest credentials and steal more money, including AZORult, an information-stealing malware; the remote access tool Remcos; the DarkVNC backdoor trojan; and a clipboard cryptocurrency stealer.
Activewear retailer In Sport had its head office server and computers ransomwared in May, as cyber crime during COVID-19 escalates. In a letter to customers, it revealed the attack was detected on May 16 but it was unknown what files hackers accessed. On discovering the virus, In Sport immediately took its head office system offline.
Round Up of Major Vulnerabilities and Patches
Cybersecurity researchers at Reason Labs today disclosed details of a vulnerability they recently discovered in the Facebook Messenger application for Windows. The vulnerability, which resides in Messenger version 460.16, could allow attackers to leverage the app to potentially execute malicious files already present on a compromised system in an attempt to help malware gain extended access.
A protocol that allows millions of customers to use their mobile phones for data applications can also allow criminals to launch denial-of-service (DoS), user impersonation, and fraud cyberattacks. And according to a new report, the protocol, GTP, is as much a vulnerability for certain 5G networks as it is for 2G, 3G, and 4G cellular infrastructures.
A vulnerability in the website of Inventory Hive was leaking members’ personal information, including their name and address, along with internal and external property images. The vulnerability offered would-be burglars not only a blueprint to “hundreds of thousands” of users’ homes, but also a readymade ‘shopping list’ of items the properties contained.
The issue, Trustwave’s Therese Mendoza explains, isn’t widespread, but it does exist and attackers could abuse it to cause Android apps to leak critical information that could then be abused for further compromise. Activities, one of the three primary components of Android apps, are called using Intents, which are messaging objects that applications use to communicate with their different components.