Round Up of Major Breaches and Scams
Seven Virtual Private Network (VPN) providers that claim not to keep any logs of their users’ online activities recently left 1.2 terabytes of private user data exposed to anyone who came looking. The data, found on a server shared by the services, included the Personally Identifiable Information (PII) of potentially as many as 20 million VPN users, said researchers at vpnMentor, who uncovered the leak.
The tale of the dark web’s disturbing Red Room has been revealed by Italian authorities. There’s a strong connection between child abuse and cryptocurrencies’ pseudonymity, as most child sexual abuse dealings are made in Bitcoin. Because governments cannot control or regulate crypto exchange, criminals get a free hand to commit all sorts of horrendous crimes, including live streaming the worst kind of child abuse.
Sensitive medical details of scores of West Australians have been compromised in one of the state’s biggest privacy breaches, in which thousands of state government communications were published on a public website. The most sensitive information to be hacked and posted to the public forum related to the management of the COVID-19 crisis in WA, a Nine News Perth investigation revealed on Monday.
Nearly one million records containing the personal information of online students have been leaked after cloud misconfigurations by five e-learning platforms, according to WizCase. The VPN comparison site found four misconfigured and unencrypted AWS S3 buckets and one unsecured Elasticsearch server, compromising the details of countless e-learners, including many children, as well as their parents and teachers.
Round Up of Major Malware and Ransomware Incidents
Another telecom company has been hit by ransomware: roughly 18,000 computers belonging to Telecom Argentina, one of the largest internet service providers in Argentina, were infected over the weekend. The ransomware operators are now asking for a $7.5 million ransom. The incident took place on Saturday, July 18, and had a severe impact on the company’s operations.
After awakening last week and starting to send spam worldwide, Emotet is now once again installing the TrickBot trojan on infected Windows computers. On July 17th, 2020, after over five months of inactivity, the Emotet Trojan woke up and started massive spam campaigns pretending to be payment reports, invoices, shipping information, and employment opportunities. These spam emails contain malicious documents that install the Emotet trojan on the recipient’s computer when they are opened and macros are enabled.
Cloud software provider Blackbaud has admitted that it paid cybercriminals to regain control of data following a ransomware attack in May 2020. The company, which is known for its fundraising suites aimed at educational institutions and charities, offers a diverse portfolio of management and payment services to help process donations and fundraisers. The company published a notice on the ransomware attack, claiming that it was able to discover and stop the assault, but that some data was exfiltrated by the attackers.
Round Up of Major Vulnerabilities and Patches
A vulnerability affecting the Zoom feature dubbed Vanity URLs could have been exploited by hackers for phishing attacks. The popularity of the Zoom video conferencing service exploded during the COVID-19 outbreak, when it was chosen by organizations, schools, and private users as a collaboration platform. Recently, researchers from Check Point discovered a vulnerability in the Zoom Vanity URL, a feature that allows users to create a custom URL for their company (e.g., yourcompany.zoom.us).