
IT Security Newsletter - 12/10/2019


Breaches

Birth Certificate Data Laid Bare on the Web in Multiple States

A third-party government supplier has exposed hundreds of thousands of applications containing birth-certificate data. The trove of information is owned by a company that provides an online platform to state governments – including California, New York and Texas – that allows residents to request copies of vital records. Fidus Information Security found the database hosted in an Amazon Web Services (AWS) storage bucket that was left open to the internet.


Exclusive: PR software firm exposes data on nearly 500k contacts

A company that sells content management software and services exposed data on 477,000 media contacts, including 35,000 hashed user passwords, to the public internet. In October, iPRsoftware, a U.S.-based company that specializes in software that manages and disseminates company public relations and marketing, was discovered to be exposing the data along with administrative system credentials and assorted documents.


Hackers steal credit card details from Sweaty Betty customers

Women’s activewear retailer Sweaty Betty has emailed some of its customers warning that their payment card details may have been compromised by malicious code running on its website. In an email sent to affected customers, the yoga pants and gym leggings store explained that hackers had gained access to the checkout area of its website, and planted malicious code which stole payment information as it was entered by users.

Hacking

U.S. City Hit by Cyberattack Days After Military Base Shooting

Authorities in Pensacola, Florida said Monday the city had been hit by a cyberattack, just days after a Saudi officer killed three American sailors at the city's naval base. Emails, telephone lines and online payment services were affected by the attack, the northwestern municipality announced on Facebook. Officials did not say whether there was a link between the cyber and naval base attacks.

Malware

Snatch Ransomware Reboots to Windows Safe Mode to Bypass AV Tools

Researchers discovered a new Snatch ransomware strain that reboots the computers it infects into Safe Mode to disable any resident security solutions and immediately starts encrypting files once the system loads. Encrypting the victim's files is possible because most security tools are automatically disabled when Windows devices boot in Safe Mode, as the Sophos Managed Threat Response (MTR) team and SophosLabs researchers found.


Ryuk Ransomware Decryptor Is Broken, Could Lead to Data Loss

Due to recent changes in the Ryuk Ransomware encryption process, a bug in the decryptor could lead to data loss in large files. Ryuk is a ransomware infection known to target enterprise or government agencies by gaining access to their networks and then encrypting as many computers as possible. The attackers then demand large ransoms, sometimes in the millions, in order to receive a decryptor for their files.

Exploits

Hardware-based Password Managers Store Credentials in Plaintext

A security researcher has analyzed three hardware-based password vaults and discovered that credentials are stored in plaintext and survive hardware resets. The investigation into these three standalone password managers has revealed that, through hardware hacking, it is possible to read data directly from the chips on the board, security researcher Phil Eveleigh explains.

Encryption

The race for quantum-proof cryptography

One of the biggest threats to privacy and national security is the ability of immensely powerful quantum computers to break prevailing methods of encryption almost instantaneously. Once quantum computers become a reality, something that could conceivably happen in the next decade or two, all of the data protected by encrypted systems on the internet will become decrypted and unprotected, accessible to all individuals, organizations or nation-states.

Software

Microsoft to end updates to Windows 7's free AV software, Security Essentials

Microsoft will not provide new malware signatures for its home-grown Security Essentials software after it retires Windows 7 in five weeks. Security Essentials, a free antivirus (AV) program that launched in 2008, was originally limited to consumers. However, in 2010, Microsoft expanded the licensing to small businesses, defined as those with 10 or fewer PCs. Two years after that, MSE was replaced by Windows Defender with the launch of Windows 8.