A collection point
...and some of my own.

Campari Staggers following Ransomware Attack
https://www.camparigroup.com/sites/default/files/downloads/20201109_Campari%20Group%20Press%20Release_ENG.pdf

"Campari Group Press Release Malware attack: update on IT systems recovery Milan, November 9th, 2020 - Following the previous communications on the malware attack, Campari Group informs that, in the context of its IT systems recovery plan, selected services have been progressively resumed following their successful sanitization and the installation of extra security measures."

Campari was targeted by hackers using the Ragnar Locker ransomware. According to some reports, the malware attack managed to encrypt data on 24 of the company’s servers around the world, and the hackers responsible have demanded a cryptocurrency ransom worth $15 million. In its ransom note, the group claimed it had stolen 2TB worth of files from Campari’s servers, including sensitive information such as bank statements, social security numbers, tax forms, contracts, and even passport details.

The company has made no statement about whether it would be prepared to pay the ransom or not, but for now it certainly sounds as if it has chosen to attempt to rebuild its services on multiple sites, adding additional security measures in a bid to prevent reinfection. As to the data that was stolen... That's another story.

Let’s Encrypt Warns Some Android Users of Compatibility Issues
https://www.securityweek.com/let%E2%80%99s-encrypt-warns-some-android-users-compatibility-issues?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29

Let’s Encrypt, which earlier this year announced releasing over one billion certificates since its launch in 2015, initially relied on a cross-signature from IdenTrust.
It can take a certificate authority (CA) years to get a new root certificate accepted by browsers and operating systems, so in order to start issuing certificates that devices trust immediately, a CA can get a cross-signature from an already trusted CA. Let’s Encrypt’s own root certificate is now mature and the initial certificate, which is set to expire on September 1, 2021, is no longer needed.

While this will not impact most users, software that has not been updated since September 2016 and which does not trust Let’s Encrypt’s own root certificate will likely cause problems. The CA believes one of the products most impacted by this will be Android, prior to version 7.1.1. The organization estimates that roughly one-third of Android devices are still running these older versions, which means their users will start getting certificate errors once the cross-signed certificate expires. Major integrators indicated that these users account for roughly 1-5% of their traffic. While the situation might improve by next year, when the certificate expires, Let’s Encrypt believes there will still be many impacted devices, so it’s trying to raise awareness.

Hacked In 300 Seconds: iOS 14, Samsung Galaxy S20, Windows 10
https://www.forbes.com/sites/daveywinder/2020/11/09/hacked-in-300-seconds-ios-14-samsung-galaxy-s20-windows-10/?sh=36cf9c1b4d9c

The annual Tianfu Cup is in its third year. It is populated by teams from China that used to dominate the Pwn2Own leaderboard until they stopped taking part, supposedly in response to a government directive banning them from doing so, and some big names in hardware and software fell this year. And fell quickly: each of the 15 teams was allowed three attempts to show their exploits in a five-minute timeframe. 11 targets were successfully exploited by the Chinese hackers. These included: an iPhone 11 Pro running iOS 14, Windows 10 (v2004 April 2020), the Samsung Galaxy S20, Chrome, Firefox, Safari and Adobe PDF Reader.
The precise details of the vulnerabilities that the hackers managed to exploit are not known; the Tianfu Cup follows the lead of Pwn2Own and doesn't disclose these details until after the vendors have had the chance to fix them. Prize money awarded was somewhere around US $1.2M.

Routers, NAS Devices, TVs Hacked at Pwn2Own Tokyo 2020
https://www.securityweek.com/routers-nas-devices-tvs-hacked-pwn2own-tokyo-2020?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29

Organizers offered a wide range of mobile and IoT devices, but participants focused on routers, NAS products and TVs. In total, participants were awarded $136,000 for 23 unique vulnerabilities across six different devices. Impacted vendors have been given 120 days to release patches before details are made public.

Black Friday sales? Hackers selling network access to 7500 educational establishments have dropped their asking price.
https://www.infosecurity-magazine.com/news/price-educational-rdp/

The threat actor offering the detail reduced the asking price to BTC 10 (USD 155,300) from BTC 25 (USD 387,000) on November 4.

“Educational establishments could be a particularly tantalizing target for research and intellectual property theft, especially if linked to COVID-19 research. Cyber-criminals are economically rational in their behavior and will price their ‘offer’ of credentials to maximize returns, in the shortest time, for the smallest of efforts.”

Hotel Booking Firm Leaks Data on Millions of Guests
https://www.websiteplanet.com/blog/prestige-soft-breach-report/

The Prestige Software hotel reservation platform has been exposing highly sensitive data from millions of hotel guests worldwide, dating as far back as 2013 and including credit card details for 100,000s of people.
Based in Madrid and Barcelona, Prestige Software sells a channel management platform called Cloud Hospitality to hotels that automates their availability on online booking websites like Expedia and Booking.com. The company was storing years of credit card data from hotel guests and travel agents without any protection in place, putting millions of people at risk of fraud and online attacks.

Size: 24.4 GB, totaling 10,000,000+ exposed files
Data Storage Format: Misconfigured AWS S3 bucket
Countries Affected: Worldwide

Customer Data Exposed
PII data: Full names, email addresses, national ID numbers, and phone numbers of hotel guests
Credit card details: card number, cardholder’s name, CVV, and expiration date
Payment details: total cost of hotel reservations
Reservation details: Reservation number, dates of a stay, the price paid per night, any additional requests made by guests, number of people, guest names, and much more.

Mashable Customer Data Leaked Online
https://www.infosecurity-magazine.com/news/mashable-customer-data-leaked/

"This past Wednesday evening, November 4th, we learned that a hacker known for targeting websites and apps had posted a copy of a Mashable database to the internet," said Mashable. "Based on our review, the database related to a feature that, in the past, had allowed readers to use their social media account sign-in (such as Facebook or Twitter) to make sharing content from Mashable easier."

Information leaked included first and last names, location data, email addresses, gender, date of registration, IP addresses, links to social media profiles, expired OAuth tokens, and the days and months on which users' birthdays fall.