Categories
APT Breach Bug CVE Data leak Hacking Malware Phishing Ransomware Scam Trojan Vulnerability

US charges Russian intelligence officers for malware attacks, Phishing campaign targets Microsoft, Google, and more

Major cybersecurity events on 20th October 2020 (Evening Post): Ransomware gang Darkside donated part of its ransom demands to charities. Nefilim ransomware operators publish long list of Luxottica data on leak site. Google’s Waze allows hackers to identify and track user.

Round Up of Major Breaches and Scams

U.S. Charges 6 Russian Intelligence Officers Over Destructive Cyberattacks

The US government on Monday formally charged six Russian intelligence officers for carrying out destructive malware attacks with an aim to disrupt and destabilize other nations and cause monetary losses. The individuals, who work for Unit 74455 of the Russian Main Intelligence Directorate (GRU), have been accused of perpetrating the “most disruptive and destructive series of computer attacks ever attributed to a single group,” according to the Justice Department (DoJ).

Irish Regulator Investigates Instagram Over Children’s Data

Irish privacy regulators have opened two investigations into Instagram over the social media site’s handling of young people’s personal data. Ireland’s Data Protection Commission said it launched the investigations in September after receiving complaints about the company. Facebook, which owns Instagram and has its European headquarters in Ireland, said it’s in “close contact” with the commission and is “cooperating with their inquiries.”

New Phishing Campaigns Targeting Microsoft Google Users

Threat intelligence team from GreatHorn uncovered a series of ongoing phishing campaigns targeting users of Microsoft’s Office 365 and Google’s Gmail. The attackers are using imposter open redirector domains and subsidiary domains of various popular brands and sending tens of thousands of emails to corporate account users globally. The comprehensive and multi-pronged attack campaign has multiple hosting services and web servers that are used to host fraudulent Office 365 login pages.

Hackers Smell Blood as Schools Grapple With Virtual Instruction

David Uberti reports that it’s been a rough school year already in terms of cybersecurity. And he wisely reached out to Doug Levin for his input. Doug created and maintains a wonderful resource — the K-12 Cybersecurity Resource Center that maps reports in k-12 from around the country. At least 289 districts across the U.S. have suffered cyber incidents such as hacks this year, according to Doug Levin, who runs Arlington, Va.-based consulting firm EdTech Strategies LLC.

Round Up of Major Malware and Ransomware Incidents

Ransomware Gang Donated Part of Ransom Demands to Charities

A budding ransomware group donated part of the ransom demands that it had previously extorted from its victims to two charities. On October 13, the Darkside ransomware group announced the donations in a blog post on its dark web portal. As quoted by ZDNet: As we said in the first press release – we are targeting only large profitable corporations. We think it’s fair that some of the money they’ve paid will go to charity. No matter how bad you think our work is, we are pleased to know that we helped change someone’s life.

Nefilim ransomware gang published Luxottica data on its leak site

The Nefilim ransomware operators have posted a long list of files that appear to belong to Italian eyewear and eyecare giant Luxottica. Luxottica Group S.p.A. is an Italian eyewear conglomerate and the world’s largest company in the eyewear industry. As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com.

Round Up of Major Vulnerabilities and Patches

Google’s Waze Can Allow Hackers to Identify and Track Users

The company already patched an API flaw that allowed a security researcher to use the app to find the real identity of drivers using it. A security researcher has discovered a vulnerability in Google’s Waze app that can allow hackers to identify people using the popular navigation app and track them by their location. Security DevOps engineer Peter Gasper discovered an API flaw in the navigation software that allowed him to track the specific movements of nearby drivers in real time and even identify exactly who they are, he revealed in a blog post on his research website, “malgregator.”

Adobe Patches 9 Vulnerabilities in Magento

Adobe last week patched a total of nine vulnerabilities in its Magento e-commerce platform, including two critical issues. The vulnerabilities rated critical have been described as a “file upload allow list bypass” that can lead to arbitrary code execution, and an SQL injection flaw that can provide an attacker read or write access to the targeted store’s database. However, exploitation of these vulnerabilities requires admin privileges, which means they need to be chained with other weaknesses.

Serious Vulnerability in GitHub Enterprise Earns Researcher $20,000

A security researcher says he has earned $20,000 for a high-severity GitHub Enterprise vulnerability that might have allowed an attacker to execute arbitrary commands. GitHub Enterprise, the on-premises version of GitHub.com, is designed to make it easier for large enterprise software development teams to collaborate. In June, Australia-based software developer and security researcher William Bowling informed GitHub via its bug bounty program that he had identified a potentially serious vulnerability.