IT Security Newsletter - 11/12/2020
Animal Jam kids' virtual world hit by data breach, impacts 46M accounts
The immensely popular children's online playground Animal Jam has suffered a data breach impacting 46 million accounts. Animal Jam is a virtual world created by WildWorks, where kids can play online games with other members. Geared towards children ages 7 through 11, Animal Jam has over 300 million animal avatars created by kids, with a new player registering every 1.4 seconds. Yesterday, a threat actor shared two databases belonging to Animal Jam for free on a hacker forum.
Rakuten sends cashback emails to customers in error
Japanese e-commerce giant Rakuten sent email notifications yesterday to many of its customers congratulating them on newly earned cashback. Today, they took their words (and the cash) back, informing the customers the communication had been sent in error. Periodic cashback emails from Rakuten Rewards, formerly Ebates, are frequently sent to customers of Rakuten's apps, Chrome browser extension, and credit card.
Google Patches Two More Chrome Zero-Days Exploited in Attacks
Google has released another update for Chrome 86 to patch two more zero-day vulnerabilities that have been exploited in the wild. Google has credited "anonymous" for reporting the flaws - it's unclear if it's the same or two different anonymous individuals - and it has not shared any information about the attacks in which they have been exploited. It's also unclear if the vulnerabilities were exploited in the same attack or in different, unrelated attacks.
Ghimob Android Banking Trojan Targets 153 Mobile Apps
A new banking trojan has been discovered targeting Android users, with the capability to spy on 153 mobile apps from various banks, cryptocurrencies and exchanges. Researchers describe the banking trojan, called Ghimob, as a "full-fledged spy in your pocket" that can be accessed remotely by its operators. Cybercriminals can use the trojan to bypass financial institutions' security and antifraud measures, in order to make fraudulent transactions on the victim's smartphone.
ModPipe malware decrypts Oracle point-of-sale database passwords
Security researchers have discovered new malware equipped with modules that target Oracle Micros Hospitality RES 3700 point-of-sale systems, one of the most widely used management software suites in the hospitality industry. Named ModPipe, the malware is a modular backdoor that can steal the passwords for the PoS system databases by decrypting them from Windows registry values. One particularity of ModPipe is its modular architecture, which allows extending its features through downloadable components.
"Instant bank fraud" hoax is back - don't spread fake news!
Yesterday, we wrote about an SMS phishing scam that targeted mobile phone users by telling them that a payment hadn't gone through. The fake SMSes were believable enough, except for the link you were asked to click: The URL in the text message started with the name of the relevant mobile phone company, to lull you into a false sense of security, but ended in an unrelated scam domain set up as a vehicle for this fraud.
COVID-19 Data-Sharing App Leaked Healthcare Worker Info
A platform used by healthcare workers in the Philippines designed to share data about COVID-19 cases contained multiple flaws that exposed healthcare worker data and could potentially have leaked patient data. Vulnerabilities found in both the COVID-KAYA platform's web and Android apps allowed unauthorized users to access private data about the platform's users and potentially patient data, according to a report from researchers at The Citizen Lab.
Encryption Vulnerabilities Allow Hackers to Take Control of Schneider Electric PLCs
Schneider Electric this week released advisories for vulnerabilities impacting various products, including flaws that can be exploited to take control of Modicon M221 programmable logic controllers (PLCs). A total of four vulnerabilities were discovered in Modicon M221 PLCs by researchers at industrial cybersecurity firm Claroty. Three of them were identified independently by employees of cybersecurity company Trustwave. Both Trustwave and Claroty have published blog posts detailing their findings.
- ...in 1954, Ellis Island closes after processing more than 12,000,000 immigrants to the United States.
- ...in 1961, gymnast and five-time Olympic medalist Nadia Comaneci, the first competitor to be awarded a perfect score of 10.0, is born in Onești, Romania.
- ...in 1980, the space probe Voyager I makes its closest approach to Saturn and takes the first images of its rings.
- ...in 1990, English computer scientist Tim Berners-Lee publishes a formal proposal for the World Wide Web.