Data of 16 million Brazilian COVID-19 patients exposed online

Personal and health data of 16 million Brazilians infected with COVID-19 have been exposed online after an employee of the Albert Einstein Hospital in the city of Sao Paulo uploaded a spreadsheet to GitHub earlier in November 2020 that contained usernames, passwords, and access keys to sensitive government systems. The leak included the E-SUS-VE and Sivep-Gripe applications, which are used to manage data on COVID-19 patients.

The two databases contained sensitive details such as patient names, addresses, and ID information, as well as healthcare records such as medical history and medication regimes.

Among those affected by the leak are Brazilian President Jair Bolsonaro, 7 ministers, and 17 provincial governors.

The data leak was discovered by a GitHub user who found the spreadsheet containing the credentials on the GitHub account associated with the hospital employee.

The user shared his discovery with the Brazilian newspaper Estadao, which notified the Brazilian Ministry of Health and the hospital.

The spreadsheet was quickly removed from GitHub, and the passwords and the access keys for the systems were changed.


A cyberattack crippled the IT services of the City of Saint John, Canada

Officials confirmed that the city of Saint John, New Brunswick, Canada, was hit by a massive cyberattack that has crippled much of its municipal IT infrastructure: the city’s website, email, online payment portals, customer service applications and more. However, the 911 center in the city remained open. The attack was discovered on November 13, 2020, and was posted on Facebook on November 16.

The city later confirmed that it was a ransomware attack. The city didn’t disclose whether a specific amount was named in the ransom demand, or details about how the attack was first discovered.

There wasn’t any indication that personal information was accessed or transferred.


Sneaky Office 365 phishing scam inverts images to avoid detection bots

Researchers at WMC Global spotted a new, sneaky phishing campaign that targets Office 365 users at the login page. The strategy involves inverting the colors of the background image presented to the user at login, causing the image hash to differ from the original. This hinders scanning engines' ability to flag the image.

Original version next to inverted background

The phishing kit then reverts the inverted image using Cascading Style Sheets (CSS), so that it looks just like the original, legitimate background image of Office 365 login pages. Phishing detection engines are highly unlikely to detect the image as being an inverted copy of the Office 365 background.

CSS code used to revert image

While it is hard to spot fake login pages, staying away from unsolicited links and forms might save users from further trouble. Using a powerful antivirus or antimalware detection engine should also help.
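On the scanner side, the hash mismatch described above can be closed by also hashing the color-inverted form of a candidate image and by flagging an invert filter in the page's CSS. The sketch below is an added example, not code from WMC Global or from the phishing kit. It assumes that the scanner hashes decoded pixel bytes and that the reversal uses the CSS `filter: invert(...)` function; the pixel data and stylesheet are constructed samples.

```python
import hashlib
import re

# Constructed sample: a tiny 2x3 RGB "known login background" as raw pixel bytes.
KNOWN_BACKGROUND = bytes([10, 60, 200, 12, 64, 210, 250, 250, 250,
                          8, 58, 190, 11, 62, 205, 240, 240, 240])
KNOWN_HASHES = {hashlib.sha256(KNOWN_BACKGROUND).hexdigest()}

# Constructed sample stylesheet for a page that displays an inverted image.
SAMPLE_CSS = ".background { background-image: url(bg.png); filter: invert(1); }"

# Matches a filter declaration using invert(), including -webkit-filter.
INVERT_FILTER = re.compile(r"filter\s*:[^;}]*\binvert\s*\(", re.IGNORECASE)


def invert_pixels(pixels: bytes) -> bytes:
    """Invert every 8-bit channel value (v -> 255 - v)."""
    return bytes(255 - v for v in pixels)


def matches_known(pixels: bytes) -> bool:
    """Exact-hash lookup, the check that the inverted image defeats."""
    return hashlib.sha256(pixels).hexdigest() in KNOWN_HASHES


def classify(pixels: bytes, css: str) -> str:
    """Classify a page background against the known-image hash list."""
    if matches_known(pixels):
        return "match"
    # Inversion is its own inverse, so re-inverting an inverted copy
    # restores the original pixels and the hash list hits again.
    if matches_known(invert_pixels(pixels)):
        # An invert() filter means the browser renders the original look.
        if INVERT_FILTER.search(css):
            return "inverted-match+css-revert"
        return "inverted-match"
    return "no-match"


if __name__ == "__main__":
    served = invert_pixels(KNOWN_BACKGROUND)  # what the page would serve
    print("plain hash lookup hits:", matches_known(served))
    print("classification:", classify(served, SAMPLE_CSS))
```

Exact hashes still break under resizing or recompression, so production scanners typically pair this normalisation step with a perceptual hash.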
