Cyber Security News for 8May2020

  1. “Passwords are something you use almost every day, from accessing your email or banking online to purchasing goods or accessing your smartphone.  However, passwords are also one of your weakest points; if someone learns or guesses your password they can access your accounts as you, allowing them to transfer your money, read your emails, or steal your identity.” https://www.sans.org/security-awareness-training/ouch-newsletter/2017/passphrases
  2. “Yesterday Apple released iOS 13.5 beta 3 (seemingly renaming iOS 13.4.5 to 13.5 there), and that killed one of my bugs. It wasn’t just any bug though, it was the first 0day I had ever found. And it was probably also the best one. Not necessarily for how much it gives you, but certainly for how much I’ve used it for, and also for how ridiculously simple it is. So simple, in fact, that the PoC I tweeted out looks like an absolute joke. But it’s 100% real.” https://siguza.github.io/psychicpaper/
  3. “Talking to Naked Security, Denley explained that he finds new ones each day. He pointed us to this Pastebin entry showing the original 49 he reported in April, along with another 22. The new ones impersonated the Ledger, KeepKey, MetaMask, and Jaxx wallets. The IDs on the left are extension IDs, which show up at the end of an extension’s URL when viewed in the Chrome store.” https://nakedsecurity.sophos.com/2020/05/08/more-crypto-stealing-chrome-extensions-swatted-by-google/
  4. “Three more high-profile databases are being offered for sale by the same group claiming the Tokopedia and Unacademy breaches, and the more recently reported theft of Microsoft’s private GitHub repositories.  Going by the name Shiny Hunters, the group is now selling user records from meal kit delivery service HomeChef, from photo print service ChatBooks, and Chronicle.com, a news source for higher education.” https://www.bleepingcomputer.com/news/security/hackers-sell-stolen-user-data-from-homechef-chatbooks-and-chronicle/
  5. “When we talk about the second most popular Content Management System (CMS), then Joomla is there. It enables the user to do website publishing conveniently, and it is user-friendly. Although Joomla is one of the most used systems to build sites, there are still chances of a hack. If you are not keeping a check on updating its plugins, then soon you can face such a problem. Therefore you must learn several things related to fix Joomla hack.” https://hackercombat.com/learn-five-easy-steps-to-fix-joomla-hack/
  6. “Since the beginning of the calendar year, Palo Alto Networks has detected an uptick in Maze ransomware samples across multiple industries. As a result, we’ve created this general threat assessment post on the Maze ransomware activities and a full visualization of these techniques can be viewed in the Unit 42 Playbook Viewer.” https://unit42.paloaltonetworks.com/threat-brief-maze-ransomware-activities/
  7. “From strained, remote security teams to an increase in e-commerce shopping, there are more risks than ever to web applications. For instance, Klaviyo reported a 25% increase in online shopping in the New York area since March 6, 2020, and Forrester reported that web applications and software vulnerabilities are the top two ways external attacks are carried out.” https://blog.rapid7.com/2020/05/08/best-practices-for-securing-e-commerce-applications/
  8. “The Sodinokibi ransomware group threatens to release hundreds of gigabytes of legal documents from a prominent entertainment and law firm that counts dozens of international stars as their clients. Grubman Shire Meiselas & Sacks (GSMLaw) is based in New York and represents dozens of heavyweight artists. Looking at its list of clients, you can spot names that are known all over the world: Madonna, Lady Gaga, Elton John, Robert de Niro, Nicki Minaj, Chris Brown, Usher, U2, Timbaland, Rick Ross, and many others.” https://www.bleepingcomputer.com/news/security/revil-ransomware-threatens-to-leak-a-list-celebrities-legal-docs/
  9. “The credentials of 3.5 million users of MobiFriends, a popular dating app, have surfaced on a prominent deep web hacking forum, according to researchers.” https://threatpost.com/hackers-breach-3-5-million-mobifriends-dating-app-credentials/155590/
  10. “Google has released the first update for Google Authenticator in years and it comes with the long-awaited feature of being able to move 2FA accounts between devices. When securing online accounts, many sites offer a feature called 2-factor authentication (2FA), or 2-step verification (2SV), which requires a user to scan a unique QR code on an authentication app.” https://www.bleepingcomputer.com/news/security/new-google-authenticator-update-makes-it-worth-using-again/
  11. “When hackers lock the computer systems of a big company with ransomware, the gears of corporate damage control kick into action. Lawyers are mobilized, spokespeople are tight-lipped, and negotiation experts are sometimes brought in to talk to the hackers. Those triage teams strictly limit the information on the incident available to the public.” https://www.cyberscoop.com/maze-ransomware-mandiant-lessons-learned/
  12. “Microsoft is rolling out protection against Office 365 Reply-All email storms, an issue impacting Exchange Online users who are members of large and improperly locked down mail distribution lists. Reply-All storms (also known as reply-allpocalypses) are huge chain reaction sequences of emails that start when a member of a large organization’s email distribution list sends a reply to all its members using the “Reply All” feature, in some cases effectively pinging the inboxes of thousands of people with a single mouse click.” https://www.bleepingcomputer.com/news/microsoft/microsoft-rolls-out-protection-against-office-365-email-storms/
  13. “In the May 6 webinar, ‘Positioning for What’s Beyond the Horizon: What Digital Transformation and the Data Economy Mean for You,’ the panelists provided insight into how companies and individuals are reacting to COVID-19. They discussed how hiring trends indicate the larger role digital transformation and the data economy will have, both now and in a post-COVID-19 world.” https://www.dataprivacymonitor.com/digital-transformation/positioning-for-whats-beyond-the-horizon-what-digital-transformation-and-the-data-economy-mean-for-you/
  14. “According to the breach notification email that affected customers [12] received, the data leak happened due to negligence where DigitalOcean ‘unintentionally’ left an internal document accessible to the Internet without requiring any password.” https://thehackernews.com/2020/05/digitalocean-data-breach.html

#security #cybersecurity #itsecurity #privacy #risk #compliance #shinyhunters #chrome #extensions #tokopedia #unacademy #revil #sodinokibi #digitalocean #2fa