A new variant of the Glupteba malware dropper is using the Bitcoin blockchain to fetch command and control (C2) server domains from Bitcoin transactions marked with OP_RETURN script opcodes. Glupteba has been previously distributed as a secondary payload by the Alureon Trojan as part of a 2011 campaign designed to push clickjacking contextual advertising, as well as by the threat actors behind Operation Windigo onto their targets’ Windows computers with the help of exploit kits in 2014, as discovered by ESET’s security research team. Four years later, in 2018, the malware dropper was again spotted by ESET while being disseminated by a malicious campaign via a Pay-Per-Install scheme, adding all the infected…
ISBuzz Team
More than any other digital communications infrastructure, cybercriminals are increasingly targeting the domain name system. The DNS, often referred to as the phone directory of the internet, is vulnerable to hijacking, a serious and growing threat. A variation known as the Sea Turtle attack is especially dangerous, threatening organizations, customers, users, and the DNS infrastructure itself. Researchers from Cisco Talos reported a dangerous example of DNS compromise in late 2018 and early 2019. Dubbed “DNSpionage,” this apparent state-sponsored attack “hijacks” the DNS, intercepting and misdirecting users to malicious website destinations without their knowledge. It was serious enough that the U.S. Department of Homeland…
A group of Chinese state-sponsored hackers known as APT5 is targeting enterprise VPN servers from Fortinet and Pulse Secure after details about security flaws in both products became public knowledge last month. https://twitter.com/campuscodi/status/1169569184600272896
It has been reported that an exposed web server storing résumés of job seekers — including from recruitment site Monster — has been found online. The relative numbers are small compared to other breaches, but Monster.com is a known consumer-facing brand. The server contained résumés and CVs for job applicants spanning between 2014 and 2017, many of which included private information like phone numbers and home addresses, but also email addresses and a person’s prior work experience. Of the documents we reviewed, most users were located in the United States.
https://twitter.com/xxdesmus/status/1169284464830103552
It has been reported that PDF solutions provider Foxit has informed customers that it had recently detected unauthorised access to data associated with its “My Account” service. The company told SecurityWeek that the incident impacted 328,549 users. The compromised data includes names, email addresses, passwords, phone numbers, company names, and IP addresses, but payment information was not exposed.
A new report has found that 52% of multicloud environments have suffered a breach within the past year, compared with 24% of hybrid cloud users. More than half of firms running multicloud environments have been hit with a data breach in the past year, compared with 24% of hybrid cloud organisations and 24% of single-cloud users. https://twitter.com/JustinCollierMD/status/1159103709911011328
TechCrunch is reporting: “Huge database of Facebook users’ phone numbers found online.” Here’s the news brief (we’ve added the bold typeface for emphasis): Hundreds of millions of phone numbers linked to Facebook accounts have been found online. The exposed server contained over 419 million records over several databases on users across geographies, including 133 million records on US-based Facebook users, 18 million records of users in the UK and another with more than 50 million records on users in Vietnam. But because the server wasn’t protected with a password, anyone could find and access the database. Each record contained a user’s unique Facebook ID and the phone number listed on…
Enables CISOs, CPOs, Operational Teams and Boards of Directors to Manage and Implement Privacy Requirements for January 1 Compliance Deadline and Beyond
CyberSaint Security, the leading cybersecurity software firm powering automated, intelligent compliance and risk management, today announced the availability of the new California Consumer Privacy Act (CCPA) framework within the CyberStrong platform. This new release enables customers to measure, track, and report on the upcoming CCPA regulation for employees, partners, customers, management teams and Boards of Directors. The CCPA will go into effect on January 1, 2020 and mandates a stringent new degree of consumer privacy and protection. It defines and protects…
Data protection and privacy have become buzzwords in the European digital ecosystem in the era of GDPR, introduced in May last year. The Swedish data protection authorities (DPA) recently levied the first fine of approximately $20,000 on a high school which ran trials of facial recognition technology among a group of students to monitor their attendance. The school authorities argue that the program had the consent of the students, though that did not soften the stance of the regulator. The European data protection board citing the ‘imbalance’ between the data subject and the controller of data. Canvassing the multiple…
