Below is an overview of some of the latest threats and breaches as reported by a variety of news outlets, together with sources covered in our Vulnerabilities Alert! article:
Hotel Booking Firm Leaks Data on Millions of Guests
A hotel software provider has exposed the personal data of millions of guests around the world after misconfiguring an AWS bucket, according to a new report from Website Planet.
…
Among the leaked data were full names, email addresses, national ID numbers and the phone numbers of hotel guests. For hundreds of thousands of individuals, card booking details including card number, cardholder’s name, CVV and expiration date were also exposed.
Info Security Magazine – Nov 9, 2020
Chinese hacking competition cracks Chrome, ESXi, Windows 10, iOS 14, Galaxy 20, Qemu, and more
VMware has taken the unusual step of warning about an imminent security advisory after a Chinese team successfully popped its flagship product.
News of the crack came from Tianfu Cup, a hacking contest staged in China over the weekend and modelled on events like “Pwn2Own” where vendors allow teams to take down their wares under controlled conditions.
The targets for the competition included the iPhone 11 running the new iOS 14, and the big four browsers – Chrome, Safari, Firefox and Edge. Cup organisers said 11 of the attacks succeeded.
The Register – Nov 9, 2020
Housing Group Struck by Sodinokibi Data Thieves
A housing association in East Anglia has suffered a ransomware attack, leading to the compromise of an unknown volume of employee and customer data.
Norwich-headquartered Flagship Group put out a statement last week that it was forced to take most of its IT systems offline after the Sodinokibi strain entered the company via a phishing attack.
Info Security Magazine – Nov 9, 2020
Capcom takes systems offline following cyber-attack
Capcom, the venerable Japanese video gaming company, says it has taken parts of its network offline after systems including email and file servers were hacked.
…The statement added that “there is no indication that any customer information was breached” during the attack, which began in the early hours of Monday.
The Daily Swig – Nov 6, 2020
Ransomware attack shutters Brazilian courts. But did attackers breach the virtual machine divide?
Brazil’s Superior Tribunal de Justiça has temporarily shut down after a suspected ransomware attack.
…
Those notifications state that a virus attack was detected on November 3, when court networks were shut down as a precaution.
The most recent update says data scrambled by the ransomware related to legal proceedings, email, and administrative contracts.
The Register – Nov 6, 2020
New Gitpaste-12 Botnet Exploits 12 Known Vulnerabilities
Researchers discover a new worm and botnet dubbed Gitpaste-12 for its ability to spread via GitHub and Pastebin.
…
Gitpaste-12 has 12 unique attack modules available, though researchers note there is evidence its development is ongoing. Its current targets are Linux-based x86 servers, and Linux ARM and MIPS-based Internet of Things (IoT) devices.
Dark Reading – Nov 6, 2020
Bitcoin: $1bn seized from Silk Road account by US government
Earlier this week, crypto-currency watchers noticed about 70,000 bitcoins being moved from an account believed to be linked to the illicit marketplace.
…
The sum is the largest amount of crypto-currency seized to date by the Department of Justice.
BBC News – Nov 6, 2020
Update Your iOS Devices Now — 3 Actively Exploited 0-Days Discovered
Rolled out as part of its iOS, iPadOS, macOS, and watchOS updates, the flaws reside in the FontParser component and the kernel, allowing adversaries to remotely execute arbitrary code and run malicious programs with kernel-level privileges.
…
The list of impacted devices includes iPhone 5s and later, iPod touch 6th and 7th generation, iPad Air, iPad mini 2 and later, and Apple Watch Series 1 and later.
The Hacker News – Nov 5, 2020
Chesapeake Regional Healthcare data breach exposes 23,000 individuals’ sensitive information
Information including names, mail addresses, email addresses, and demographics, such as donation dates and amounts, were included in the leak.
…
“Because the cybercriminal did not access credit card information, bank account information, social security numbers, and other personal identification information, the data breach presents a low risk for identity theft,” the statement added.
The Daily Swig – Nov 4, 2020
UK cyber-threat agency confronts Covid-19 attacks
More than a quarter of the incidents which the UK’s National Cyber Security Centre (NCSC) responded to were Covid-related, according to its latest annual report.
…
In total there were 723 incidents of all kinds, marking close to a 10% rise on the previous period.
Of those, 194 were Covid-related.
Some of the incidents related to countering nation-state attacks, but most were criminal in nature, the GCHQ division reported.
BBC News – Nov 3, 2020
Have you been a recent victim of cyber crime? Are there any current threats or vulnerabilities that you think our readers should be aware of? If so, please comment below.