
IT Security Newsletter - 9/20/2019


Breaches

Mattress Company Leaks Data Records of 387K Customers

A Wisconsin mattress company leaked the records of 387,000 customers online in a database that lacked password protection, a security researcher has found. The incident once again demonstrates the potential security consequences of failing to take even the simplest security measures to protect company data. Jeremiah Fowler, cyber security researcher and tech analyst at SecurityDiscovery.com, said he discovered the online database called “Customers” on Sept. 5.


Thinkful Resets All User Passwords After Security Breach

Online developer bootcamp company Thinkful is sending out email notifications stating that an unauthorized user was able to gain access to employee account credentials. As a result, the company is requiring all users to reset their passwords the next time they log in. According to Thinkful's email, they discovered that an unauthorized user had gained access to employee credentials and immediately changed the passwords to those accounts.

Hacking

Payment card thieves hack Click2Gov bill paying portals in 8 cities

In 2017 and 2018, hackers compromised systems running the Click2Gov self-service bill-payment portal in dozens of cities across the United States, a feat that compromised 300,000 payment cards and generated nearly $2 million of revenue. Now, Click2Gov systems have been hit by a second wave of attacks that’s dumping tens of thousands of records onto the Dark Web, researchers said on Thursday.


Phishing Emails Deliver Amadey Malware to U.S. Taxpayers

A recently observed phishing campaign is targeting taxpayers in the United States in an attempt to infect their machines with a piece of malware named Amadey, Cofense security researchers have discovered. Relatively new and fairly simple, the Amadey botnet is available for hire to cybercriminals. One of the threat groups to have used the botnet is TA505, which leveraged it to distribute the FlawedAmmyy RAT and email stealers.

Info Security

These Hacks Require Literally Sneaking in the Backdoor

After slipping past security, picking a backdoor lock and gaining access to a company’s inner sanctum, a skilled hacker can cause mayhem. They can plant malware on a network, grab physical files and walk out the front door with a donut pilfered from the employee break room. Meet the world of a physical penetration tester. Think of them as the real world equivalent of a white hat hacker.


What is OAuth? How the open authorization framework works

Since the beginning of distributed personal computer networks, one of the toughest computer security nuts to crack has been to provide a seamless, single sign-on access experience among multiple computers, each of which requires unrelated logon accounts to access its services and content. OAuth is an open-standard authorization protocol that describes how unrelated servers and services can safely allow authenticated access to their assets without actually sharing the initial, related, single logon credential.

Exploits

15,000 private webcams left open to snooping, no password required



Server-squashing zero-day published for phpMyAdmin tool

A researcher has just published a zero-day security bug in one of the web’s most popular database administration software packages. The bug makes it possible for an attacker to delete a server by hijacking a user’s account in phpMyAdmin, a 21-year-old open-source tool used to manage MySQL and MariaDB databases.


Selfie Android Apps with 1.5M+ Installs Push Ads, Can Record Audio

A couple of Android apps found in Google Play included functionality for stealthily recording audio without user consent. The apps posed as selfie camera filters and had been installed over 1.5 million times. The main activity of the two apps was not spying on users but aggressively pushing adware that covered the entire screen of the Android device. The two apps are Sun Pro Beauty Camera, which counted more than one million installations by the time it was discovered, and Funny Sweet Beauty Selfie Camera, which had been installed over 500,000 times.