Round Up of Major Breaches and Scams
Microsoft is tracking an ongoing Office 365 phishing campaign that makes use of several methods to evade automated analysis in attacks against enterprise targets. The campaign uses timely lures relevant to remote work, such as password updates, conferencing info, and helpdesk tickets.
US-based used electronics retailer TronicsXchange, previously trading as GreenElectronicsExchange (GEEx), has exposed over 2.6 million files, including ID cards and biometric images, through a misconfigured AWS S3 bucket. A random scan for server vulnerabilities led to the discovery of the wide-open S3 bucket on October 12, 2020.
Round Up of Major Malware and Ransomware Incidents
Previously unknown malware has been detected in widespread attacks against e-commerce customers in Latin America. The malware, dubbed Chaes by Cybereason Nocturnus researchers, is being deployed by a threat actor across the LATAM region to steal financial information. Brazilian customers of the area’s largest e-commerce company, MercadoLivre, are the focus of the infostealing malware.
Managed.com, one of the biggest providers of managed web hosting solutions, has taken down all its servers in order to deal with a ransomware attack, ZDNet has learned today. The attack took place on Monday, November 16, and the ransomware impacted the company’s public-facing web hosting systems, resulting in some customer sites having their data encrypted.
Global biotech firm Miltenyi, which supplies key components necessary for COVID-19 treatment research, has been battling a malware attack on its IT infrastructure over the past two weeks, the company said in a recent disclosure to its customers.
Round Up of Major Vulnerabilities and Patches
Industrial control system firms Real Time Automation and Paradox both warned of critical vulnerabilities on Tuesday that opened systems up to remote attacks by adversaries. The flaws are rated 9.8 out of 10 in severity. The Real Time Automation bug is traced back to a component made by Claroty.
Google today released version 87 of its Chrome browser, a release that comes with a security fix for the NAT Slipstream attack technique and a broader deprecation of the FTP protocol. Today’s release is available for Windows, Mac, Linux, Chrome OS, Android, and iOS.
A day after proof-of-concept (PoC) exploit code was published for a critical flaw in Cisco Security Manager, Cisco has hurried out a patch. The application has a vulnerability that could allow remote, unauthenticated attackers to access sensitive data on affected systems. The flaw (CVE-2020-27130) has a CVSS score of 9.1 out of 10, making it critical.
Mozilla Firefox 83 was released today with a new feature called ‘HTTPS-Only Mode’ that secures your browsing sessions by rewriting URLs to secure HTTPS versions. Windows, Mac, and Linux desktop users can upgrade to Firefox 83 by going to Options -> Help -> About Firefox.