Cybersecurity Weekly: Active phishing attacks, breach blamed on password reuse, insecure smart lights

November 4, 2019 by Sam Fay

New phishing attacks target U.N. and enterprise executives. Bed Bath & Beyond blames their breach on password reuse. A new study finds smart light bulbs contain serious security gaps. All this, and more, in this week’s edition of Cybersecurity Weekly.

1. Pwn2Own expands into industrial control systems hacking

Pwn2Own’s annual hacking competition will focus on industrial control systems in 2020. Hosted in Miami on January 21–23, the contest is offering more than $250,000 in collective prizes for sniffing out flaws in ICS and associated protocols. Remote code execution flaws will have the highest payouts, with prizes up to $20,000.

2. Active duty U.S. Military now gets free credit monitoring

The U.S. Federal Trade Commission announced that starting October 31, active duty U.S. Army service members and National Guard members receive free electronic credit monitoring from Equifax, Experian and TransUnion. This new legislation was introduced in response to the frequent targeting of U.S. Army service members in identity theft schemes.

3. New Chrome zero-day bug under active attacks

Google has advised users to immediately install an urgent software update to patch two high-severity vulnerabilities, one of which is being actively exploited in the wild to hijack computers. Both flaws could enable remote attackers to gain privileges on the Chrome web browser just by convincing users to visit a malicious website.

4. Fake Office 365 phishing attack targets enterprise executives

A phishing campaign that uses fake voicemail messages to lure victims into disclosing their Office 365 credentials is making the rounds. A wide range of employees are being targeted, from middle management to executive-level staff, but researchers believe this is mainly a “whaling” campaign going after high-value targets.

5. Sophisticated spearphishing campaign targets U.N. and NGOs

The United Nations and nongovernment organizations are being targeted by a sophisticated spearphishing campaign that’s attempting to steal account credentials for Okta, Office 365 and Outlook. The use of a keylogger on the site negates the need for a victim to complete the login process, capturing the password regardless of that final process.

6. Bed Bath & Beyond blames password reuse for hacked accounts

Bed Bath & Beyond Inc. discovered that a third party acquired login credentials from a source outside of the company’s systems. These were then used to access less than 1% of customer accounts. An investigation determined that the abused usernames and passwords were “likely acquired as a result of a breach at a different company.”

7. Breaches at several popular domain name registrars

Top domain name registrars, and asked customers to reset their passwords after discovering an intrusion that happened in August 2019. Press releases stated that contact information and usernames were compromised, but it is still unknown if account passwords were also leaked.

8. Unsecured Adobe server exposes data for 7.5 million Creative Cloud users

In early October, security researcher Bob Diachenko collaborated with the cybersecurity firm Comparitech to uncover an unsecured Adobe database that was publicly accessible without any password or authentication. The database, which has now been secured, contained personal information of nearly 7.5 million Creative Cloud accounts.

9. Study warns of security gaps in smart light bulbs

Researchers at the University of Texas at San Antonio conducted a review of the security holes in popular smart-light brands. If these bulbs are infrared-enabled, hackers can send commands via the invisible infrared light from the bulbs to either steal data or spoof other connected IoT devices on the network.

10. The Pirate Bay down for over a week from DDoS attack

The Pirate Bay was down for more than a week with most visitors seeing a Cloudflare error mentioning that a “bad gateway” was causing problems. The prolonged downtime over the past several weeks was due to a series of distributed denial of service attacks. These attacks also disabled logging and bug reporting, further extending recovery time.
