Prevailion researchers discovered an ongoing spear-phishing campaign dubbed “Autumn Aperture” that targets U.S.-based firms. The campaign is possibly linked to the North Korean Kimsuky threat actors and involves sending victims trojanized documents over email. Additionally, the hackers utilize obscure file formats, making the documents difficult for antivirus products to detect.
ISBuzz Team
According to recent research by Capita, organisations are failing to adequately support secure remote working practices. Despite the undoubted productivity benefits stemming from more flexible working practices, only half (52%) of the 2000 UK knowledge workers Capita surveyed said BYOD was an option for them. Even fewer, just 14%, said they were encouraged to use their own device. The vast majority of employees (92%) said they believe it’s the organisation’s job to secure remote working, yet over two-fifths (42%) claimed current security policies make it difficult to do their job. Infosecurity Magazine has covered the report in more detail here.
Garmin Southern Africa (Garmin SA) has disclosed in a series of notifications sent to its customers that payment and sensitive personal information were stolen from orders placed on the shop.garmin.co.za shopping portal. “We recently discovered theft of customer data from orders placed through shop.garmin.co.za (operated by Garmin South Africa) that compromised your personal data related to an order that you placed through the website,” said Jennifer Van Niekerk, South Africa Managing Director. The compromised data was limited to only Garmin’s South Africa site, and contained payment information, including the number, expiration date and CVV code for your payment card, along with your first and…
It has been reported that the personal records of most of Ecuador’s population, including children, have been left exposed online due to a misconfigured database. The database, an Elasticsearch server, was discovered two weeks ago and contained a total of approximately 20.8 million user records, a number larger than the country’s total population count. The bigger number comes from duplicate records or older entries, containing the data of deceased persons. https://twitter.com/gcluley/status/1173508333325705216
Instagram’s parent company Facebook has confirmed that a newly discovered security vulnerability may have put data at risk, leaving users open to attack by threat actors. A security researcher ran tests on the platform and successfully retrieved “secure” user data. This data included users’ real names, Instagram account numbers and handles, and full phone numbers. The linking of this data is all an attacker would need to target those users. Facebook has since made changes to Instagram to protect its users.
A recent report shows an increase in discussion on dark web forums about compromising internet-connected gas pumps. One way this is already being achieved is by hackers selling modified smart meters, following on from Russian government legislation mandating that all electricity meters in the country should be replaced by online smart meters. However, users of Russian underground forums are also requesting information on how to hack gas pumps, with tutorials available on the inner workings of commercial pumps. There’s the possibility that internet-facing gas pumps could be roped into botnets for use in Distributed Denial of Service (DDoS) attacks or abused by…
Check Point’s researchers also report the Emotet botnet has been reactivated. Check Point Research has published its latest Global Threat Index for August 2019. The Research team is warning organizations of a new variant of the Mirai IoT Botnet, Echobot, which has launched widespread attacks against a range of IoT devices. First seen in May 2019, Echobot has exploited over 50 different vulnerabilities, causing a sharp rise in the ‘Command Injection Over HTTP’ vulnerability and impacted 34% of organizations globally. August has also seen the Emotet botnet’s offensive infrastructure becoming active again, after it shut down its services two months…
281 people were arrested over a four-month period in the U.S. and in countries around the world as part of Operation reWired, a coordinated effort of multiple law enforcement agencies from several countries, according to Bleeping Computer. “In unraveling this complex, nationwide identity theft and tax fraud scheme, we discovered that the conspirators stole more than 250,000 identities and filed more than 10,000 fraudulent tax returns, attempting to receive more than $91 million in refunds,” said Chief Don Fort of IRS Criminal Investigation. Besides the arrests made on U.S. territory, Operation reWired also resulted in 167 arrests in Nigeria, 18 in Turkey, and 15…
According to this link, https://www.forbes.com/sites/daveywinder/2019/09/12/uber-confirms-account-takeover-vulnerability-found-by-forbes-30-under-30-honoree/#16085ecf9b87, a security vulnerability has been discovered that could allow attackers to compromise and control any Uber account. The vulnerability could be exploited to track a user’s location and take rides from their account via an application programming interface (API) request. This involved first acquiring the user universally unique identifier (UUID) of any user by sending an API request that included either their telephone number or email address. “Once you have the leaked Uber UUID from the API request,” Prakash said, “you can replay the request using the victim’s Uber UUID and get access to private information like…
It has been reported that over 198 million records containing information on prospective car buyers, including loan and finance data, vehicle information and IP addresses for website visitors, have been found exposed on the internet for anyone to see. The non-password protected Elasticsearch database belonged to Dealer Leads, which is a company that gathers information on prospective buyers via a network of SEO-optimised, targeted websites. According to the researcher, the websites all provide car-buying research information and classified ads for visitors. They collect this info and send it on to franchise and independent car dealerships to be used as sales leads. The exposed database in…
