<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 11/02/2020

SHARE

Breaches

Gold seller JM Bullion hacked to steal customers' credit cards

Precious metal online retailer JM Bullion has disclosed a data breach after their site was hacked to include malicious scripts that stole customers' credit card information. JM Bullion is an online retailer of gold, silver, copper, platinum, and palladium products, including coins and bullion. According to a 'Notice of Data Security Incident' sent to customers, JM Bullion's web site was hacked in the middle of February 2020, when a malicious script was added to the site. READ MORE...


Over 1M Lazada RedMart accounts sold online after data breach

Singapore's largest online grocery store Lazada Redmart has suffered a data breach after 1.1 million user accounts were put up for sale on a hacker forum. The database dump containing sensitive customer is priced at $1,500. Lazada is a billion-dollar arm of Alibaba with over 8,000 employees globally. DB with 1.1 million accounts priced at $1,500. Hackers selling the illicit data dumps told BleepingComputer they had obtained Lazada's MongoDB-based data set with data from over 1.1 million RedMart accounts. READ MORE...

Hacking

Hacker is selling 34 million user records stolen from 17 companies

A threat actor is selling account databases containing an aggregate total of 34 million user records that they claim were stolen from seventeen companies during data breaches. On October 28th, a data breach broker created a new topic on a hacker forum to sell the stolen user databases for seventeen companies. In a conversation with BleepingComputer, the seller told us that they were not responsible for hacking into the seventeen companies and is acting as a broker for the databases. READ MORE...


Japanese nuclear agency warns of cyber attack, turns off email systems

Japan's Nuclear Regulation Authority is asking people to contact it via phone or fax, as it is unable to receive emails from the outside world. The NRA says on its website that it has temporarily disabled its email systems, suspending its ability to send and receive emails, after suspecting it was under cyber attack. The authority's email systems were disabled earlier this week and remain down. According to Japanese media reports, an unknown external party managed to gain unauthorised access to the Nuclear Regulation Authority's networks. READ MORE...

Software Updates

NetMarketShare ends browser war reports due to Google Chrome changes

NetMarketShare announced on Sunday plans to shut down its public browser share reporting tool, which has been available for more than 14 years. NetMarketShare announced on Sunday plans to shut down its public browser share reporting tool, which has been available for more than 14 years. Net Applications, the owners of NetMarketShare, is widely known for being a provider of usage share statistics for web browsers and operating systems. According to Net Applications, the data provided by NetMarketShare is a primary source in "tens of thousands of articles and publication". READ MORE...

Malware

Emotet malware wants to invite you to a Halloween party

To take advantage of the trick-or-treating festivities, the Emotet malware gang is sending out spam emails that invite you to a Halloween party. Emotet is a malware infection that spreads through emails containing Word documents containing malicious macros. Once these documents are opened, they will try to trick the user into enabling macros that download the Emotet malware onto the computer. Once the malware is installed, Emotet will use the computer to send spam emails and ultimately install other malware. READ MORE...


Wroba Mobile Banking Trojan Spreads to the U.S. via Texts

The Roaming Mantis group is targeting the States with a malware that can steal information, harvest financial data and send texts to self-propagate. The Wroba mobile banking trojan has made a major pivot, targeting people in the U.S. for the first time. According to researchers at Kaspersky, a wave of attacks are taking aim at U.S. Android and iPhone users in an effort that started on Thursday. The campaign uses text messages to spread, using fake notifications for "package deliveries" as a lure. READ MORE...

Information Security

Maze ransomware shuts down operations, denies creating cartel

?The Maze ransomware gang announced today that they have officially closed down their ransomware operation and will no longer be leaking new companies' data on their site. Last week, BleepingComputer reported that Maze had stopped encrypting new victims since the middle of September, cleaned up their data leak site, and was extorting their final victims. Today, Maze released a press release titled "The Project is closed," where they state that they are closed and any other ransomware operation that uses its name is a scam. READ MORE...


Marriott fined £0.05 for each of the 339 million hotel guests whose data crooks were stealing for four years

Your name, address, phone number, email address, passport number, date of birth, and sex are worth just £0.05 in the eyes of the UK Information Commissioner's Office, which has fined Marriott £18.4m after 339 million people's data was stolen from the hotel chain. The fine was imposed as a regulatory punishment for the 2018 Starwood Hotels megabreach despite Marriott not accepting liability for wrongdoing. Although the attack was originally thought to have exposed half a billion records in the chain's guest reservation database. READ MORE...

On This Date

  • ...in 1889, North and South Dakota are admitted as the 39th and 40th U.S. states.
  • ...in 1913, actor Burt Lancaster ("Elmer Gantry", "From Here to Eternity") is born in New York City.
  • ...in 1959, game show contestant Charles Van Doren admits to a Congressional committee that he had been given questions and answers in advance.
  • ...in 2016, the Chicago Cubs defeat the Cleveland Indians in the World Series, ending the longest Major League Baseball championship drought at 108 years.