Crooks hacked e-shops, selling SQL databases if ransom isn’t paid

Crooks who hacked online shops in several countries are offering for sale more than two dozen SQL databases.

The crooks demand that victims pay BTC 0.06 (about $550) within 10 days, or they will leak the database content.

The crooks hack into insecure servers that are reachable over the public web, copy the databases, and leave a note asking for a ransom in return for the stolen data.

The databases contain over 1.5 million rows. Exposed records include email addresses, names, hashed passwords, mailing addresses, gender, and dates of birth.

Read more about it here.

Samsung fixes a zero-click vulnerability affecting most of its phones

This month, Samsung is patching a critical security issue affecting all its Android smartphones sold since 2014, beginning with Android 4.4.4 KitKat. A “zero-click” vulnerability, this newly discovered flaw could let a hacker wreak havoc on someone’s phone by simply sending a specific type of image, exploiting the device without any user action.

The vulnerability was discovered by Mateusz Jurczyk, a security researcher with Google’s Project Zero bug-hunting team, who found a way to exploit how Skia (the Android graphics library) handles Qmage image files (.qmg) sent to a device.

Jurczyk said the attack usually needs between 50 and 300 MMS messages to probe and bypass Android’s ASLR (Address Space Layout Randomization), which takes around 100 minutes on average.

This flaw was patched in Samsung’s May 2020 Security Update for Android, so if you own a Samsung device from 2014 or later, make sure to install the update when you get it.

Read more about it here.

Microsoft warns against downloading movies from random sites

Microsoft warns of a spike in malware spreading via pirate streaming services and movie piracy sites during the COVID-19 pandemic.

Cybercriminals are attempting to take advantage of the COVID-19 pandemic by spreading malware via pirate streaming services and movie piracy sites, Microsoft warns.

“We saw an active coin miner campaign that inserts a malicious VBScript into ZIP files posing as movie downloads,” the company’s security intelligence team says in a tweet.

“The campaign, primarily observed in Spain but has also shown up in some South American countries, aims to launch a coin-mining shellcode directly in memory. We’re seeing the campaign affecting a wide range of customers, from home users to enterprises.”

The movies concerned include John Wick: Chapter 3 – Parabellum, along with Spanish-language titles including Punales Por La Espalda, La Hija de un Ladrón and Lo Dejo Cuando Quiera – as well as Contagio, the Spanish-dubbed version of Contagion.

Read more about it here.

267 million Facebook accounts are sold on the dark web for 500 Euros

Hackers are offering for sale over 267 million Facebook profiles for 500 Euros ($540) on dark web sites and hacker forums.

In early March 2020, security expert Bob Diachenko uncovered an Elasticsearch cluster containing more than 267 million Facebook user IDs, phone numbers, and names. The archive was left exposed online for anyone to access without authentication. According to Diachenko, the data is the result of illegal scraping by hackers in Vietnam, who abused the Facebook API to collect the huge trove of data. A few days later, a second server was exposed by the same criminal group. The data on this server is identical to the data on the first server, but includes 42 million additional records. The records did not include passwords.

Read more about it here.

Google is blocking 18 million Coronavirus related phishing emails per day

Tech giant Google said the COVID-19 (Coronavirus) pandemic has led to an explosion of phishing attacks, where cybercriminals lure users into revealing personal data.

Google said it is blocking almost 100 million phishing emails per day. Over the past week, 18 million of them were COVID-19 related.

Many of the emails impersonate the World Health Organization.

So far in 2020, Americans lost $12 million to cybercriminals capitalizing on COVID-19.

Google’s Gmail is used by 1.5 billion people.

Read more about it here.

Jupiter, Florida, hit with ransomware

The town of Jupiter, Florida, was hit on March 21, 2020 by the REvil/Sodinokibi ransomware.

The town announced on March 23 that several online services, including utility payments, plan submission systems and all town email accounts, were down as a result.

The town decided not to pay the ransom. Instead, it is restoring its files from backups.

At least four Florida cities reported ransomware attacks in 2019:

• Pensacola suffered a Dec. 7 attack that disabled its phone systems, email system, 311 customer service line and online payments for Pensacola Energy and the city’s sanitation services;
• Lake City, a city of about 13,000 residents 65 miles west of Jacksonville, paid 42 Bitcoins, between $460,000 and $480,000, to end a June cyber-attack;
• The village of Key Biscayne, a community of 13,000 east of Miami, reported a ransomware “security event” in June;
• Riviera Beach, a city of 35,000 in Palm Beach County, paid 65 Bitcoins – approximately $600,000 – in May to regain access to its computer systems.

Read more about it here.

General Electric suffers a data breach

In a data-breach notice filed with the State of California, General Electric Company (GE) noted that it contracts with Canon to process various documents related to human resources matters.

“We are aware of a data security incident experienced by one of GE’s suppliers, Canon Business Process Services, Inc. We understand certain personal information on Canon’s systems may have been accessed by an unauthorized individual,” reads the statement sent by GE to BleepingComputer. “Protection of personal information is a top priority for GE, and we are taking steps to notify the affected employees and former employees.”

Breached data included divorce, death and marriage certificates; benefits information (beneficiary designation forms and applications for benefits such as retirement, severance and death benefits); and even medical child support orders. Other hacked info includes direct-deposit forms, driver’s licenses, passports, tax withholding forms, names, addresses, Social Security numbers, bank-account numbers, dates of birth and more.

The security breach did not impact systems at GE or records of GE customers.

Read more about it here.

Thousands of COVID-19 related malicious domains are being registered every day

As Coronavirus-related attacks continue to increase, thousands of COVID-19 scam and malicious domains are being registered.

The web sites are used for a variety of attacks, such as phishing, fraud, and malware-based attacks. The domains typically contain keywords such as Coronavirus, COVID, COVID19, pandemic, vaccine, and virus.

A security researcher who goes online by the name of DustyFresh published a list containing thousands of COVID19-related domains created between March 14 and March 23, 2020.

Read more about it here.

T-Mobile disclosed a data breach

US telecommunications giant T-Mobile disclosed on its web site that it recently suffered a data breach at its e-mail vendor.

“Our Cybersecurity team recently identified and shut down a malicious attack against our email vendor that led to unauthorized access to certain T-Mobile employee email accounts, some of which contained account information for T-Mobile customers and employees,” reads the data breach notification.

According to T-Mobile, the information accessed may have included customer names, addresses, phone numbers, account numbers, rate plans and features, as well as billing information. The company stressed that customers’ financial information (such as credit card information) and Social Security numbers were not breached.

T-Mobile didn’t disclose how many users were impacted by the data breach.

T-Mobile disclosed a similar security breach in November 2019, which according to the company impacted a small number of customers of its prepaid service.

Read more about it here.

Personal records of 10.6M MGM Resorts guests leaked online

A recent ZDNet exclusive revealed that personal information of 10.6 million guests who stayed at MGM Resorts hotels was stolen by hackers last summer and posted on a hacking forum last week.

The 10,683,188 records included full names, home addresses, phone numbers, emails, and dates of birth. The list of customers whose data were stolen includes tech CEOs and celebrities, such as Twitter CEO Jack Dorsey and pop star Justin Bieber.

MGM said in a statement: “We are confident that no financial, payment card or password data was involved in this matter.” None of the guests stayed at the hotel past 2017.

In November 2018, the Marriott hotel chain announced that data of 500 million hotel guests was hacked in 2014. The Marriott incident is the biggest data breach for the hospitality industry.

Read more about it here.