Categories
Breach Cyber Security Data leak Emotet Phishing Ransomware Spam TrickBot Trojan Vulnerability

VPN services leak data of more than 20 million users, 5 E-learning sites expose a million online student records, and more

Major cybersecurity events on 21st July 2020 (Morning Post): Teens access dark web’s red rooms, apprehended after paying to watch live streaming torture videos. REvil ransomware targets Telecom Argentina, hits roughly 18,000 computers. Emotet-Trickbot resurfaces, targets Windows.

Round Up of Major Breaches and Scams

7 VPN services leaked data of over 20 million users, says report

Seven Virtual Private Network (VPN) providers who claim not to keep any logs of their users’ online activities recently left 1.2 terabytes of private user data exposed to anyone who comes looking. The data, found on a server shared by the services, included the Personally Identifiable Information (PII) of potentially as many as 20 million VPN users, said researchers at vpnMentor, who uncovered the leak.

Teens arrested after paying Bitcoin to watch livestream abuse & murder

The tale of dark web’s disturbing Red Room has been revealed by Italian authorities. There’s a strong connection between child abuse and cryptocurrencies’ pseudonymity as most child sexual abuse dealings are made in Bitcoin. Because governments cannot control or regulate crypto exchange, criminals get a free-hand to commit all sorts of horrendous crimes, including live streaming the worst kind of child abuse.

‘Unforgivable’: The privacy breach that exposed sensitive details of WA’s virus fight

Sensitive medical details of scores of West Australians have been compromised in one of the state’s biggest privacy breaches, where thousands of state government communications were published on a public website. The most sensitive information to be hacked and posted to the public forum related to the management of the COVID-19 crisis in WA, a Nine News Perth investigation revealed on Monday.

One Million Online Student Records Exposed by E-Learning Sites

Nearly one million records containing the personal information of online students have been leaked after cloud misconfigurations by five e-learning platforms, according to WizCase. The VPN comparison site found four misconfigured and unencrypted AWS S3 buckets and one unsecured Elasticsearch server, compromising the details of countless e-learners, including many children, as well as their parents and teachers.

Round Up of Major Malware and Ransomware Incidents

REvil ransomware infected 18,000 computers at Telecom Argentina

Another telco company was hit by a ransomware, roughly 18,000 computers belonging to Telecom Argentina were infected over the weekend. Telecom Argentina, one of the largest internet service providers in Argentina, was hit by a ransomware attack. Ransomware operators infected roughly 18,000 computers during the weekend and now are asking for a $7.5 million ransom. The incident took place on Saturday, July 18, it had a severe impact on the company operations.

Emotet-TrickBot malware duo is back infecting Windows machines

After awakening last week and starting to send spam worldwide, Emotet is now once again installing the TrickBot trojan on infected Windows computers. On July 17th, 2020, after over five months of inactivity, the Emotet Trojan woke up and started massive spam campaigns pretending to be payment reports, invoices, shipping information, and employment opportunities. These spam emails contain malicious documents that will install the Emotet trojan on the recipient’s computer when opened and macros enabled.

Cloud Company Blackbaud Pays Ransomware Operators to Avoid Data Leak

Cloud software provider Blackbaud has admitted that it paid cybercriminals to regain control of data following a ransomware attack in May 2020. The company, which is known for its fundraising suites aimed at educational institutions and charities, offers a diverse portfolio of management and payment services to help process donations and fundraises. The company published a notice on a ransomware attack, claiming that it was able to discover and stop the assault, but some data was exfiltrated by the attackers.

Round Up of Major Vulnerabilities and Patches

A flaw in Zoom’s Vanity URL feature could have been exploited in phishing attacks

A vulnerability affecting the Zoom feature dubbed Vanity URLs could have been exploited by hackers for phishing attacks. The popularity of the Zoom video conferencing service exploded during the COVID-19 outbreak when it was chosen by organizations, schools, and private users as a collaboration platform tool. Recently researchers from Check Point discovered a vulnerability in the Zoom Vanity URL, a feature that allows users to create a ‘Vanity URL,’ which is a custom URL for your company (i.e. yourcompany.zoom.us).