Round Up of Major Breaches and Scams
The FBI is warning US companies about scammers actively abusing auto-forwarding rules on web-based email clients to increase the likelihood of successful Business Email Compromise (BEC) attacks.
Microsoft has removed 18 Edge browser extensions from the Edge Add-ons portal after the extensions were caught injecting ads into users’ web search results pages. The extensions were removed between November 20 and November 25 after Microsoft received multiple complaints from users via Reddit.
A Cayman Island investment firm has removed years of backups, which up until recently were easily available online thanks to a misconfigured Microsoft Azure blob. The blob’s single URL led to vast stores of files including personal banking information, passport data and even online banking PINs.
Brazilian plane manufacturer Embraer said late on Monday that it had been targeted by hackers, who obtained the disclosure of data allegedly attributed to the company. The company said the breach was identified on Nov. 25 and the culprits only got access to a single company archive.
NTreatment, a technology company that manages electronic health and patient records for doctors and psychiatrists, left thousands of sensitive health records exposed to the internet because one of its cloud servers wasn’t protected with a password.
Round Up of Major Malware and Ransomware Incidents
Online learning solutions provider K12 Inc., which recently announced changing its name to Stride Inc., said on Monday that it had decided to pay a ransom to cybercriminals who managed to breach its systems and deploy a piece of ransomware.
Ransomware operators have attacked the Huntsville City Schools district in Alabama, forcing them to shut down schools for the rest of the week and possibly next week. The Huntsville City Schools district is the sixth-largest school district in Alabama, with almost 24,000 students, 2,300 employees, and thirty-seven schools.
Round Up of Major Vulnerabilities and Patches
Four vulnerabilities have been discovered in the OpenClinic application for sharing electronic medical records. The most concerning of them would allow a remote, unauthenticated attacker to read patients’ personal health information (PHI) from the application.