IT Security Newsletter - 12/20/2019
267M Facebook Users’ Phone Numbers Exposed Online
A database exposing the names, phone numbers and Facebook user IDs of millions of platform users was left unsecured on the web for nearly two weeks before it was removed. Security researcher Bob Diachenko, who along with Comparitech discovered the unsecured Elasticsearch database, believe it belongs to a cybercriminal organization, as opposed to Facebook. Diachenko went to the internet service provider (ISP) managing the IP address of the server so that the access could be removed.
The Scammer Force is Strong with Star Wars: The Rise of Skywalker
Whenever the internet lights up in anticipation of anything, there are fraudsters and scammers waiting in the wings to take advantage of it. This week’s premiere of Star Wars: The Rise of Skywalker is no exception, with cybercriminals eyeing one of the world’s most beloved franchises as rich fodder for phishing attempts. Researchers at Kaspersky ran a scan of the web this week and have found more than 30 phishing sites and malicious social-media profiles disguised as official movie accounts.
Ambitious scam wants far more than just PayPal logins
ESET researchers in Latin America have spotted fraudulent websites that impersonate PayPal and attempt to trick users into handing over considerably more than ‘only’ their access credentials to the payment service. As is commonly the case with phishing campaigns, the attackers use scare tactics that encourage you to take immediate action. The ploy here involves a spammed email alert of ‘unusual activity’ on your account, prompting you to secure it and avoid financial loss.
PoS malware skimmed convenience store customers’ card data for 8 months
US convenience store Wawa said on Thursday that it recently discovered malware that skimmed customers' payment card data at just about all of its 850 stores. The infection began rolling out to the store's payment-processing system on March 4 and wasn't discovered until December 10, an advisory published on the company's website said. It took two more days for the malware to be fully contained.
Twitter trolls attack epileptics with seizure-inducing images
On or about 15 December 2016, a troll sent a seizure-inducing GIF via Twitter to an epileptic journalist, Kurt Eichenwald. The alleged troll, John Rayne Rivello, was indicted for aggravated assault for allegedly triggering an epileptic seizure that caused a complete loss of Eichenwald’s bodily functions and mental faculty and impaired the author, mentally and bodily, for several months.
What’s behind Putin’s old-school operating system?
When it comes to computing, Vladimir Putin is old-school. Reports surfaced this week that the president of Russia is still using Windows XP as his primary operating system. Photos released by the 67-year-old world leader’s press service showed the operating system, released in 2001, running on computers in his Kremlin office, along with others at Novo-Ogaryovo, his official residence near Moscow.