Round Up of Major Breaches and Scams
ShopRite and its parent company, Wakefern Food Corporation, will pay $235,000 after two supermarkets threw away electronic devices exposing thousands of customers’ medical information, Attorney General Gurbir Grewal announced Monday. The company will also have to improve its data security after they failed to protect the information of more than 9,700 pharmaceutical customers at the ShopRites of Millville in Cumberland County and Kingston, New York.
Former Blizzard Entertainment chief security officer (CSO) Mark Adams was introduced today as Adobe’s new CSO, in a role where he’ll be responsible for guiding the tech giant’s security steps in the company’s upcoming post-Flash era. Adams filled a role left vacant after the departure of long-time industry veteran Brad Arkin, who left Adobe after 12 years (seven as CSO) in March 2020 to join Cisco as its new Chief Security and Trust Officer.
Mandiant, the investigations unit of security firm FireEye, has published details today about a new threat actor it calls UNC1945 that the security firm says it used a zero-day vulnerability in the Oracle Solaris operating system as part of its intrusions into corporate networks. Regular targets of UNC1945 attacks included the likes of telecommunications, financial, and consulting companies, the Mandiant team said in a report published today.
The Microsoft Tips app has leaked more evidence that Microsoft is working on rounded corners for Windows 10 windows. For some time, Microsoft has been adding rounded corners to dialog boxes in Windows 10 apps such as Photos, Maps, Calculator, and the new Microsoft Edge. The Microsoft Tips apps are now leaking images of the Windows 10 Settings screens and dialogs utilizing rounded corners. This feature has been in development for some time, as seen by a screenshot of Windows Update utilizing rounded corners and showing it was developed in a Windows 10 version 20H1 preview build.
A city in the United States has been fined over $200k for failing to terminate the access rights of a former employee who stole protected health information. New Haven, Connecticut, agreed to pay a $202,400 financial penalty to the Department of Health and Human Services’ Office for Civil Rights and adopt a corrective action plan that includes two years of monitoring to resolve a HIPAA (Health Insurance Portability and Accountability Act) violation case.
Truata has announced the launch of a new privacy-enhanced self-service analytical portal for financial institutions in partnership with Mastercard. The agreement will enable Mastercard customers to analyze customer data in a way that is fully anonymized and compliant with data protection regulations. The Privacy Enhanced Analytics Platform utilizes business intelligence KPI dashboards and machine learning models, which track measurement and performance on consumer clearing data.
The British Broadcasting Corporation (BBC), the UK’s public service broadcaster, faces in excess of a quarter of a million malicious email attacks every day, according to data obtained by Parliament Street following a Freedom of Information (FoI) request. The think tank revealed that the corporation blocked an average of 283,597 malicious emails per day during the first eight months of 2020. According to the data, every month the BBC receives an average of 6,704,188 emails that are classified as scam or spam as well as 18,662 malware attacks such as viruses, ransomware and spyware.
Round Up of Major Malware and Ransomware Incidents
Media monitoring provider Isentia has put the immediate cost of a “significant” ransomware attack on its flagship intelligence and insights service last week at at least $7 million. The incident, disclosed on Tuesday last week, disrupted the operation of the company’s SaaS platform, Mediaportal. Mediaportal is Isentia’s all-in-one platform used by both public and private sector communications professionals to stay across media coverage and identify journalists.
A Russian programmer has been sentenced to eight years behind bars in America for his part in a massive cybercriminal network that hacked into and drained victims’ bank accounts. Aleksandr Brovko, 36, was arrested in the Czech Republic in 2019 and extradited to America following a lengthy probe into Russian hacking rings. He was, according to the US government, “a member of elite, online forums designed for Russian-speaking cybercriminals to gather and exchange tools and services for crime.”
Threat actor actively targeting US organizations in global intelligence-gathering campaign, government says. Kimsuky — a dangerous North Korean threat group that the Department of Homeland Security (DHS) last week warned is actively targeting US organizations — has acquired new tools for carrying out its cyber-espionage operations with greater stealth and precision.
Round Up of Major Vulnerabilities and Patches
Google has released a security update today for its Chrome web browser that patches ten security bugs, including one zero-day vulnerability that is currently actively exploited in the wild. Identified as CVE-2020-16009, the zero-day was discovered by Google’s Threat Analysis Group (TAG), a security team at Google tasked with tracking threat actors and their ongoing operations. In typical Google fashion, details about the zero-day and the group exploiting the bug have not been made public.
Oracle issued an out-of-band security update to address a critical remote code execution issue (CVE-2020-14750) impacting multiple Oracle WebLogic Server versions. Oracle issued an out-of-band security update to address a critical remote code execution (RCE) vulnerability, tracked as CVE-2020-14750, which affects several versions of Oracle WebLogic Server. The IT giant assigned to the flaw a severity base score of 9.8 out of 10.
Google Project Zero disclosed the bug before a patch becomes available from Microsoft. A high-severity Windows driver bug is being exploited in the wild as a zero-day. It allows local privilege escalation and sandbox escape. The security vulnerability was disclosed by Google Project Zero just seven days after it was reported, since cybercriminals are already exploiting it, according to researchers.