Fake data breach targets Ledger wallets, Tax relief business exposes personal info of 100,000 clients, and more

Originally published at: https://cloudsek.com/threatintel/fake-data-breach-targets-ledger-wallets-tax-relief-business-exposes-personal-info-of-100000-clients-and-more/

Round Up of Major Breaches and Scams

Ledger cryptocurrency wallets stolen in fake data breach

Ledger wallet users have been targeted by a phishing scam that used a fake data breach notification to steal cryptocurrency. The wallets are secured using a 24-word recovery phrase and support 12, 18, or 24-word recovery phrases used by other wallets. Anyone who knows the recovery phrase can access the funds inside the wallet, so the phrase must be kept private and offline.

Worldwide Flight Services Invests to Boost Cybersecurity Monitoring

IT services provider Transputec will provide security for Worldwide Flight Services’ (WFS) aviation cargo and ground handling operations, it has been announced. Under the agreement, Transputec will work with ThreatSpike Labs to ensure WFS has the technology and services most relevant to its needs and will provide 24/7 monitoring for potential security risks, so that they are resolved before they become an issue.

Tax Relief Biz Exposed Personal Info on 100,000 Clients

A UK business specializing in tax relief for its clients has exposed the personal details of over 100,000 of them via a misconfigured content management system (CMS). Researchers at Website Planet told Infosecurity exclusively about the privacy snafu, which they discovered on October 13 and notified the firm about the next day. That company was Marriage Tax Refund, a Wolverhampton-based organization whose business model is to recover marriage tax allowance funds for UK clients.

Microsoft.com Spoofed in Spear Phishing Campaign, 365 Users Targeted

Ironscales researchers found that over 200 million Microsoft 365 users globally are targeted in an organized spear-phishing campaign. The campaign targeted users in multiple business sectors including financial services, insurance, health care, manufacturing, and telecom.

Round Up of Major Malware and Ransomware Incidents

Adrozek malware silently injects ads into search results in multiple browsers

Microsoft warned of a new malware named Adrozek that infects devices and hijacks Chrome, Edge, and Firefox browsers by changing their settings and injecting ads into search results pages. Users are redirected to fraudulent domains where they are tricked into installing tainted software.

Round Up of Major Vulnerabilities and Patches

Wormable code-execution flaw in Jabber has a severity rating of 9.9 out of 10

Cisco has patched its Jabber conferencing and messaging application against a critical vulnerability that made it possible for attackers to execute malicious code that would spread from computer to computer with no user interaction required. Again. The vulnerability, which was first disclosed in September, was the result of several flaws discovered by researchers at security firm Watchcom Security. First, the app failed to properly filter potentially malicious elements contained in user-sent messages.

Critical vulnerability found in Glassdoor’s platform

Glassdoor, a platform for posting anonymous company reviews and job hunting, has recently fixed a critical issue that could have been exploited by bad actors to take over accounts. The bug bounty researcher “Tabahi” discovered the vulnerability and described it as a site-wide cross-site request forgery (CSRF) bug with an estimated severity score of 9 – 10. A token, gdToken, was in use on the Glassdoor website to prevent CSRF from occurring on endpoints, and to an untrained eye, it could have been thought to be a secure implementation.
