French sports giant Decathlon has leaked over 123 million records via an improperly secured Elasticsearch server, according to security researchers Noam Rotem and Ran Locar at VPNmentor. The two spotted the database on February 12 and notified the company four days later. (They say they typically need “days of investigation before we understand what’s at stake or who’s leaking.”) Decathlon has 44 stores around the UK and is present in 46 countries. It employs over 90,000 globally and turns over €11 billion+ in revenues annually. It pulled down the server shortly after being notified.
ISBuzz Team
In a blog post today, researchers published the dates for nearly 40 new shopping websites infected by Magecart 12 with JavaScript. All were notified of the compromise, yet 13 continued to load the malicious JavaScript. https://twitter.com/IT_securitynews/status/1232245554375208960
In response to recent Bleeping Computer reports that the operators of the DoppelPaymer ransomware have launched a site that will be used to extort victims who do not pay a ransom and to publish any files that were stolen before computers were encrypted, a cybersecurity expert offers perspective.
The last 12 months have seen a number of social media giants take the leap and enter the ecommerce market in a bid to expand their offering. The latest example of this is TikTok, which has roughly 625 million active users. According to our latest consumer insight survey, 63% of consumers have bought an item that they first saw on social media, so this is a channel that we think retailers should be considering as a means of building brand and product awareness. Since its merger with Musical.ly in 2018, TikTok has exploded for the 16-24 market and shows no signs of slowing.…
As reported by Reuters, Mexico’s economy ministry detected a cyber attack on some of its servers on Sunday but did not consider sensitive information to have been compromised, and beefed up safety measures, it said in a statement. It was the second high-profile cyber attack on the Mexican government after hackers demanded $5 million in bitcoin from national oil company Pemex last November, forcing it to shut down computers nationwide.
According to ZDNet, hackers have found a bug in PayPal’s Google Pay integration and are now using it to buy products online and incur unauthorized charges to PayPal accounts. Since last Friday, users have reported seeing mysterious transactions pop up in their PayPal history as originating from their Google Pay account.
A new backdoor malware called Mozart is using the DNS protocol to communicate with remote attackers to evade detection by security software and intrusion detection systems. The researchers have discovered that the malware uses DNS to receive instructions from attackers and to evade detection. Typically, when malware phones home to receive commands that should be executed, it will do so over the HTTP/S protocols for ease of use and communication, but this can be detected by security software. https://twitter.com/BleepinComputer/status/1232056164113928192
TechCrunch has reported that Rallyhood, the social network designed to help groups communicate and coordinate, left one of its cloud storage buckets containing user data open and exposed. The bucket, hosted on Amazon Web Services (AWS), was not protected with a password, allowing anyone who knew the easily-guessable web address access to a decade’s worth of user files.
In light of the news that a hacker stole the personal data of 1,000 employees of the Ordnance Survey, cybersecurity experts offered the following comments: https://twitter.com/RobertScammell/status/1231915369612423168
According to researchers, Raccoon malware can extract sensitive data from about 60 applications and is distributed under the MaaS (malware-as-a-service) model for $75/week or $200/month.
