Cyber Round-up for 22nd November
Welcome to the Ironshare Cyber Round-up where we look back at the events of that last week and cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
As we enter the holiday season, we will inevitably see the annual increase in online fraud and theft. Retail companies have become a big target for criminals in the last year and have suffered more data breaches than any other company. Due to the ease in which cybercriminals can monetise stolen information the Retail industry have become a bigger target for organised crime. The article covers typical attack methods and advise to retail companies on how they can protect themselves. This includes achieving compliance, securing data and encrypting their payment card systems. The retail industry cannot afford to ignore cybersecurity, if your retail systems are not up to scratch we suggest you get securing them immediately.
Hours after the release of their new streaming service, Disney+, users took to social media to complain about their accounts being compromised. It was later discovered that these stolen accounts were being listed on hacking websites and were on sale for $1 a month. This was achieved through phishing emails sent to the subscribers, which were used to gain their login credentials. The credentials were changed by the hackers immediately to lock the users out. Users are advised to take caution when responding to emails or clicking links to avoid being involved in this kind of phishing attack.
The personal information of approximately 2.2 million users has been posted online, including passwords. The leaked information has come from two websites; the first is a cryptocurrency wallet service called GateHub, and the other is a RuneScape bot provider called EpicBot. Around 1.4 million accounts were breached from GateHub, and around 800,000 from EpicBot. The attacker posted the database online, which included 2FA keys, mnemonic phrases and wallet hashes; despite the leaked information, GateHub confirmed that no wallet hashes had been accessed. Any users of these websites are advised to change their passwords as soon as possible.
Macy’s recently made an announcement in which they told the public of a MageCart skimming attack that was present on their website. The attack was implanted in the online payment portal of the site and has reportedly been active since October 7. The company has not disclosed how many customers were affected by the breach, or how the unauthorised code made its way into their website; however they have confirmed that law enforcement and a forensics firm are looking into the incident and are actively investigating the severity of the breach. More details on the incident included in the original post.
A recent phishing scheme has emerged that sends emails using legitimate organisations’ Office 365 infrastructure. The attackers are targeting administrator accounts which they then use to send out phishing emails; by doing this, they do not have to worry about teh organisations users discovering their malicious intent. More details on the nature of this phishing scheme are included in the original post, as well as potential trends and ways to spot them.
Vulnerabilities & Updates
The security research team at Checkmarx have discovered what is possibly the most alarming vulnerability to date. Their most recent discovery is a flaw affecting all Android devices which could allow an attacker to seize control of your smartphone camera, remotely take photographs, record conversations and discover your location. This vulnerability which is essentially a full spyware functionality has the potential to impact hundreds of millions of Android users worldwide. This flaw has been patched for Google devices in a recent update, but there has been no news on Samsung devices yet.
And that’s it for this week round-up, please don’t forget to tune in for our next instalment.
Why not follow us on social media using the links provided on the right.
Edition #68 – 22nd November 2019
Ironshare – Security Simplified