Reading Time: ~ 2 min.
Quest Diagnostics Customers Affected by Third-Party Breach
The medical testing organization Quest
Diagnostics has fallen victim to a third-party data breach that could
affect nearly 12 million of their patients. AMCA, a collections agency that
works with Quest Diagnostics, noticed unauthorized access to their systems over
an eight-month period from August of last year through March 2019. The majority
of data targeted were Social Security Numbers and other financial documents,
rather than patient’s health records. The market offers a premium for such data.
Adware Installed by Millions of Android Users
Until recently, there were over 230 apps on the Google Play
store that had been compromised by a malicious
plugin that forced out-of-app advertisements on unsuspecting victims.
Globally, over 440 million individuals have installed at least one of these
compromised applications and have been affected by overly-aggressive
advertisements. While this SDK has been used legitimately for nearly a year, sometime
during 2018 the plugin began performing increasingly malicious behaviors, until
other developers caught on and began updating their own applications to remove
Chinese Database Exposes Millions of Records
A database belonging to FMC
Consulting, a headhunting firm based in China, was recently found by
researchers to be publicly available. Among the records are resumes and
personally identifiable information for millions of individuals, as well as
company data with thousands of recorded messages and emails. Unfortunately for
anyone whose information is contained within this database, in the two weeks
since being notified of the breach FMC has yet acknowledge the breach or take
steps to secure it.
Restaurant Payment Systems Infected
Customer who’ve patronized either Checkers
or Rally’s restaurants in recent months are being urged to monitor their
credit cards after the chain announced that they discovered card stealing
malware on their internal systems. While not all restaurant locations were
affected, the company is still working to determine the extent of the
compromised payment card systems and has offered credit monitoring services to
University of Chicago Medicine Server Found Online
Researchers have found a server belonging to University
of Chicago Medicine with personal information belonging to more than 1.6
million current and past donors. The data includes names, addresses, and even
marital and financial information for each donor. Fortunately, the researcher
was quick to inform the university of the unsecured ElasticSearch server and it
was taken down within 48 hours.
The post Cyber News Rundown: Medical Testing Service Data Breach appeared first on Webroot Blog.
Reading Time: ~ 2 min.
News Site Suffers Data Breach
Flipboard, a news aggregation site, recently revealed that it’s
been the victim of a data
breach that could affect many of their more than 100 million active users. Digital
tokens were among the compromised data, which could give the attackers further
access to other sites, though Flipboard promptly removed or replaced them. At
least two separate breaches have been reported by Flipboard, with one occurring
in the middle of 2018 and the other in April of this year. Both allowed the
attackers nearly unlimited access to databases containing a wealth of user
Keylogger Targets Multiple Industries
At least two separate campaigns have been found to be
emails to industry-leading companies in several different areas of
business. Hidden within these emails are two variants of the HawkEye keylogger
that perform various malicious activities beyond simply stealing keystrokes
from the infected device. By acting as a loader, HawkEye can install additional
malware and even contains a script to relaunch itself in case of a system
Australian Teen Hacks Apple
A teen from Australia was recently in court to plead guilty
to two separate hacks
on Apple, which he conducted in hopes of gaining a job with the company.
While Apple has since confirmed that no internal or customer data was breached,
they have chosen leniency after his lawyer made a case for the perpetrator being
remorseful and not understanding the full impact of his crimes.
Fake Crypto-wallets Appear on App Store
cryptocurrency wallets have made their way into the Google Play store
following the latest rise in the value of Bitcoin. Both wallets use some form
of address scam, by which the user transfers currency into a seemingly new
wallet address that was actually designed to siphon off any transferred
currency. The second of the two wallets operated under the guise of being the
“mobile” version of a well-known crypto-wallet. It was quickly identified as fake
due to an inconsistent icon image. Both fake wallets were tied to the same
domain and have since been removed from the store.
Ransomware Focuses on MySQL Servers
While the threat of GandCrab
is not new, organizations discovered its persistent risk after researchers found
it has been refocused on attacking MySQL servers. By specifically targeting the
port used to connect to MySQL servers, port 3306, the attackers have had some success,
since many admins allow port 3306 to bypass their internal firewalls to ensure
connectivity. As GandCrab continues to narrow it’s attack scope, its remaining viable
vectors are likely to be even more lucrative given that most organizations are not
able to secure everything.
The post Cyber News Rundown: Popular News Site Breached appeared first on Webroot Blog.