Watchtower Weekly InfoSec Roundup: July 30 to August 5
Cyber Attacks & Breaches
(Albuquerque Journal) August 3rd
Presbyterian Healthcare Services reported a data breach that allowed unauthorized access to personal information belonging to around 183,000 patients and health plan members.
(TechCrunch) August 3rd
An unnamed data breach seller contacted TechCrunch claiming more than 6.8 million records were stolen from the site in May by a hacker. The seller declined to say how they obtained the data.
(TechCrunch) July 31st
Pearson, an educational software maker, said that thousands of school and university accounts, mostly in the United States, were affected by a data breach. The company added that it has notified affected users already and that the vulnerability has been fixed.
(Insurance Journal) August 1st
The insurance and finance company Ameritas has notified customers that their personal information may have been exposed in a data breach. The Lincoln Journal Star reports several employees fell victim to a phishing scam.
(FOX 4) August 1st
Fox 4 has confirmed a major cyber-attack on one of Southwest Florida’s most prominent cities. Naples City Manager Charles T. Chapman IV says the city was the victim of a criminal cyber-attack. He says the thieves got away with $700,000.
(SPAMfighter) July 31st
Summa Health, based in Akron, Ohio, has discovered that an unauthorized individual gained access to the email accounts of four employees. Those compromised email accounts contain patients' protected health information (PHI).
(Vice) August 1st
Poshmark, a website focused on letting people sell used clothes, announced hackers had stolen data from the company. The information stolen includes a customer's username, first and last name, gender, city, clothes size preference, email address, and hashed password, according to the announcement.
(SC Magazine) July 30th
Sephora is reporting a data breach affecting its customers in the South Pacific and Southeast Asia. The company does not believe any credit card information was involved nor that any of the data exposed has been used in a malicious manner.
(Las Vegas Review Journal) August 1st
More than 650,000 Nevada students had personal information exposed in a data breach announced by the state’s two largest school districts, prompting internet safety advocates to urge parental caution with products children use online.
(Dark Reading) August 1st
Researchers have detected a significant uptick in the amount of South Korean-issued payment card records, with more than 1 million posted for sale on the Dark Web since May 29.
Vulnerabilities & Exploits
(Health IT Security) July 31st
About 200 million devices operating on the VxWorks platform, including medical equipment and IoT devices, are vulnerable to remote takeover due to 11 critical vulnerabilities, according to Armis research.
(SecurityWeek) July 31st
Google released Chrome 76 to the stable channel with 43 security fixes inside, as well as with other safety and privacy enhancements.
(SecurityWeek) July 31st
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week published an advisory to warn of multiple vulnerabilities in access control systems made by Prima Systems.
(Health IT Security) July 30th
Vulnerabilities found in Palo Alto Networks, FortiGuard, and Pulse Secure Virtual Private Network (VPN) applications could allow a remote attacker to take control of the affected systems, according to a recent alert from the Department of Homeland Security.
(Forbes) August 3rd
No fewer than five security vulnerabilities have been found in the NVIDIA GeForce, NVS, Quadro and Tesla graphics processing unit (GPU) display drivers for Windows.
Risks & Warnings
(The Hacker News) August 3rd
A team of cybersecurity researchers who discovered several severe vulnerabilities, collectively dubbed Dragonblood, in the newly launched WPA3 WiFi security standard a few months ago has now uncovered two more flaws that could allow attackers to hack WiFi passwords.
(Forbes) August 3rd
Comparitech put 21 separate Android antivirus apps to the test over the course of many weeks to see how well they would stack up against current threats. Some 47% of them failed in one way or another.
(SecurityWeek) July 30th
The Department of Homeland Security issued a security alert for small planes, warning that modern flight systems are vulnerable to hacking if someone manages to gain physical access to the aircraft.
(SC Magazine) July 31st
Researchers say they discovered a technique for exploiting Visa contactless cards that could allow attackers to bypass a pair of anti-fraud “payment checks” that normally require a purchaser’s verification.
(The Hacker News) July 30th
Cybersecurity researchers have discovered a pair of critical vulnerabilities in OXID eShop e-commerce software that could allow unauthenticated attackers to take full control over vulnerable eCommerce websites remotely in less than a few seconds.
(ZDNet) August 1st
A new variant of the Mirai botnet has been discovered which utilizes the Tor network to prevent command server takedowns or seizure. Mirai is an Internet of Things (IoT) botnet which has been used in distributed denial-of-service (DDoS) attacks in the past against prominent websites.
(Computing) August 5th
Cybersecurity firm Malwarebytes has warned about a new exploit kit, named Lord, which is spreading ransomware via compromised websites. Lord EK was first spotted on 1st August and it was concluded that this exploit kit was part of a malvertising chain (via the PopCash ad network), using a compromised site to redirect potential victims to a malicious landing page.