Microsoft has admitted that between December 5th and 31st, 2019, a misconfiguration of the security rules for (what should have been) an internal customer support database left it exposed for anyone to access – no password required. According to researcher Bob Diachenko, the nearly 250 million Customer Service and Support (CSS) records contained logs of conversations between Microsoft’s support team and customers around the world.
It's like a plot from a bad thriller: a forensic analysis paid for by Jeff Bezos found that his cell phone coughed up massive amounts of personal information within hours of receiving a WhatsApp-attached video file sent by the future king of Saudi Arabia, the Guardian and the Financial Times reported on Tuesday. The text, the analysis is reported to say, came on May 1, 2018. That's when Saudi Crown Prince Mohammed bin Salman sent Bezos a text over WhatsApp weeks after the two had exchanged numbers.
Sensitive personal and financial information of UPS Store customers was exposed in a phishing incident affecting roughly 100 local store locations between September 29, 2019, and January 13, 2020. "Email accounts at less than two percent of The UPS Store locations in the U.S. were victim of a phishing incident, which may have impacted some Personally Identifiable Information (PII) for a very small fraction of customers of The UPS Store," Public Relations & Social Media Manager Jenny Robinson told BleepingComputer.
A new Citibank phishing scam is underway that utilizes a convincing domain name, TLS certs, and even requests OTP codes that could easily cause people to believe they are submitting their personal information on a legitimate page. It is not known how users arrive at this phishing site, whether it be from an email or SMS text, but when they visit the update-citi .com landing page found by MalwareHunterTeam, they will be presented with a convincing Citibank login page.
The 2017 WannaCry-fueled shutdown of a car facility and other high-profile infections make ransomware too big to ignore for the manufacturing sector. But while factory operators reckon with their security weaknesses, they sometimes lack information on how and why their networks attract the interest of digital thieves.
Internet routers running the Tomato alternative firmware are under active attack by a self-propagating exploit that searches for devices using default credentials. When credentials are found and remote administration has been turned on, the exploit then makes the routers part of a botnet that’s used in a host of online attacks, researchers said on Tuesday.
ACROS Security’s 0patch service on Tuesday released an unofficial fix for CVE-2020-0674, a recently disclosed vulnerability in Internet Explorer that has been exploited in targeted attacks. Microsoft informed customers last Friday that Internet Explorer is affected by a zero-day vulnerability. The flaw has been described as a memory corruption issue that can be exploited for remote code execution by getting the targeted user to visit a specially crafted website with an affected version of the browser.