Round Up of Major Breaches and Scams
Sensitive data of around two million members of the Communist Party of China (CPC) have been leaked, highlighting their positions in major organizations, including government agencies, throughout the world. According to reports from The Australian newspaper, featured in the Economic Times, the information includes official records such as party position, birthdate, national ID number and ethnicity. It revealed that members of China’s ruling party hold prominent positions in some of the world’s biggest companies, including in pharmaceutical giants.
Cybercriminals have launched a new phishing campaign targeting Ledger wallet users that uses fake data breach notifications to steal their cryptocurrency. Back in July of this year, Ledger suffered a data breach when a vulnerability in the company’s website allowed cybercriminals to access customers’ contact details. At that time, the company emailed the 9,500 customers who were affected with more information about the attack.
Google users are currently experiencing issues around the world, with users unable to access Gmail, YouTube, Google Drive, Google Maps, Google Calendar, and other Google services. When attempting to access YouTube, users are seeing a loading screen and the error message “There was a problem with the server (503) – Tap to retry”. Similarly, users are also unable to send or access emails using Gmail for Android and iOS. POP3 access to Gmail and the ability to access the Gmail website are also affected.
Russian hackers who stole red team tools from FireEye may have been in action on a much broader scale, operating a sophisticated supply chain campaign targeting multiple global organizations and governments. FireEye revealed in an update on Sunday that nation-state attackers inserted malicious code into legitimate software for SolarWinds’ popular Orion product to gain remote access into victim environments.
Last week, ZDNet reported in an exclusive that the tech unicorn UiPath admitted having accidentally exposed the personal details of some users. UiPath is a leading Robotic Process Automation vendor providing a complete software platform to help organizations efficiently automate business processes. The startup started reporting the security incident to the customers whose data was accidentally exposed online. Only users who registered on its platform before or on March 17, 2020, were impacted.
Round Up of Major Malware and Ransomware Incidents
The Jersey City Municipal Utilities Authority has hired a law firm to investigate a cyberattack that blocked access to “vital” water and sewer service information and led to an “emergency condition.” The ransomware attack, which occurred “on or about” Sept. 30, caused the agency to “lose access to vital information and documentation related to the provision of water and sewerage services to the citizens of the City of Jersey City,” according to a resolution approved in October.
Round Up of Major Vulnerabilities and Patches
While the number of identified vulnerabilities has increased significantly over the past years, the percentage of flaws that are exploitable or have actually been exploited has been dropping, according to vulnerability management company Kenna Security. The number of vulnerabilities that received a CVE identifier in 2011 was roughly 4,100, but the number has exceeded 10,000 every year since 2016 — there were 14,000 in 2017, 17,000 in 2018 and 20,000 in 2019. The number of CVEs assigned so far this year has exceeded 17,000.
Microsoft has partially addressed known issues impacting Windows 10 devices with certain Conexant or Synaptics audio devices after investigating ongoing errors since May 2020. Microsoft has also removed some of the safeguard holds blocking the affected systems from upgrading to the latest Windows 10 version. The known issue impacting computers with Conexant audio drivers has been under investigation since May 2020 when Microsoft released Windows 10, version 2004.