Cybersecurity Weekly: Jeff Bezos hacked, DDoS mitigation firm admits to DDoS, TrickBot steals AD credentials
Saudi prince allegedly hacked Jeff Bezos using WhatsApp. The founder of a DDoS mitigation firm admits to launching DDoS attacks. TrickBot now steals Windows Active Directory credentials. All this, and more, in this week’s edition of Cybersecurity Weekly.
Top Security Awareness Posters
1. Saudi prince allegedly hacked Jeff Bezos using WhatsApp
Amazon founder Jeff Bezos’ iPhone was reportedly hacked in May 2018 after receiving a WhatsApp message from Saudi Crown Prince Mohammed bin Salman. A large amount of data was exfiltrated from Bezos' phone within hours after the attack. The exploit involved a zero-day vulnerability in the WhatsApp platform’s video messaging service.
Read more »
2. DDoS mitigation firm founder admits to DDoS
Last week, a Georgia man who co-founded a service designed to protect companies from DDoS attacks pleaded guilty to paying a DDoS-for-hire service to launch attacks against others. His DDoS-protection firm developed the habit of hijacking internet addresses to prevent attacks, but new evidence emerged of him using this technology against innocent organizations.
Read more »
3. 250 million Microsoft customer support records exposed online
Microsoft admitted a security incident last week that exposed nearly 250 million customer service and support records. This was the direct result of a misconfigured server containing logs of conversations between the support team and customers. Microsoft confirmed that the large majority of records did not contain personal information.
Read more »
4. Researchers earn $280,000 for hacking industrial systems at Pwn2Own Miami
A total of $280,000 was awarded to white hat hackers for uncovering security vulnerabilities in industrial systems at Pwn2Own Miami last week. The prizes for each category ranged from $5,000 to $20,000, with a bonus payout for code execution vulnerabilities. The winning team took home $80,000 for exploiting five different SCADA and ICS systems.
Read more »
5. TrickBot now steals Windows Active Directory credentials
A new module for the TrickBot trojan targets the Active Directory database stored on compromised Windows domain controllers. To compromise a network, TrickBot will download modules that perform specific behaviors such as stealing cookies, browser information and OpenSSH keys.
Read more »
6. Man pleads guilty to running CardPlanet to sell stolen credit cards
A 29-year-old hacker pleaded guilty to multiple criminal charges for running two illegal websites that helped cyber criminals commit more than $20 million in credit card fraud. His most famous, called Cardplanet, hosted roughly 150,000 payment card details between the years 2009 and 2013. The marketplace offered card details for anywhere between $2.50 and $10 per card.
Read more »
7. Malware attack took down 600 computers at Volusia County Public Library
600 staff and public access computers were taken down at Volusia County Public Library branches following a cyberattack in early January. Around 50 computers have since been recovered, and the library’s core functions are back online. An incident response investigation concluded that the malware did not spread to the library’s public Wi-Fi.
Read more »
8. Buchbinder car rental company exposes info of over 3 million customers
German car rental company Buchbinder exposed the personal information of over 3 million customers in a ten-terabyte MSSQL backup database that was left unsecure on the internet. The leaked data included customer names, emails, phone numbers, addresses, dates of birth and license numbers, as well as financial information such as bank details and payment info.
Read more »
9. With 600 million downloads, fleeceware remains an issue on Google Play store
A cybersecurity firm discovered several apps charging users an exorbitant amount of money for simple functionality. Their findings included a horoscope app that charges more than $3,600 per year and a GIF-making app that costs $237 per month. With lenient Google Play store seller policies, refunding the payment has proven to be difficult for many victims.
Read more »
10. Dating apps share personal data with advertisers, study says
See Infosec IQ in action
Unbeknownst to their users, several popular dating apps, including Tinder, OkCupid and Grindr, share detailed personal data on their subscribers with third parties for advertising purposes. The exact data shared to third parties varies by app, but could include detailed location history, sexuality, political views and drug use.
Read more »
In this Series
- Cybersecurity Weekly: Jeff Bezos hacked, DDoS mitigation firm admits to DDoS, TrickBot steals AD credentials
- Canada Flipper Zero ban and new RustDoor macOS malware
- AnyDesk hack and iPhone patched kernel flaw
- Tesla Pwn2Own hacks and iOS push alerts abuse
- TeamViewer breach and Atlassian Jira outage
- Moscow ISP revenge hack and Microsoft Sharepoint bug warning
- X verified accounts hack and SpectralBlur macOS malware
- CISA default password alert and SOHO KV-botnet campaign
- New 5G modem flaws and Apple’s data breach report
- Staples cyberattack, Agent Racoon backdoor and other news
- British Library ransomware attack, Windows fingerprint authentication bypass
- Samsung UK data breach and ransomware actor’s SEC complaint
- ICBC ransomware attack and ChatGPT outage
- Boeing Lockbit ransomware attack, Apple’s vulnerability and WhatsApp mods spyware
- Octo Tempest hacking group and new iLeakage attack
- Okta support system breach and Google Ads fake KeePass campaign
- Skype DarkGate malware, Shadow PC breach and AvosLocker ransomware warning
- 23andMe data theft, MGM’s $100M ransomware loss and the Azure VM breach
- Malicious Bing Chat ads and FBI’s dual ransomware warning
- T-Mobile app glitch and fake Booking.com pages
- Airbus data leak, Cisco Webex ad malware and €345 million TikTok fine
- New Apple iMessage exploit and CISA’s Apache RocketMQ warning
- Forever 21 data breach and Android BadBazaar espionage
- Duolingo data leak and the Met Police IT hack
- Discord.io data breach and Ivanti Avalanche vulnerabilities
- UK Electoral Commission hack and Microsoft’s role in China email breach
- Salesforce email zero-day exploit and Microsoft Power Platform criticism
- Airlines disclose pilot data breach and the Microsoft Teams bug
- GravityRAT Android Trojan and new MOVEit Transfer flaw
- University of Manchester hack and Honda API flaws
- MOVEit zero-day exploit and the U.S. iPhone hack accusation
- Daam Android virus and Barracuda zero-day flaw
- TP-Link router exploit and 18-year-old charged with hacking DraftKings accounts
- Discord support hack and Toyota location data leak
- Twitter private tweets bug and Cisco phone router vulnerabilities
- Cisco XSS zero-day flaw and PaperCut vulnerabilities
- 3CX hackers hit critical infrastructure and secondhand routers cause security concerns
- Hyundai data breach and Microsoft’s warning to accountants
- Western Digital cloud breach and the MSI ransomware hack
- TMX loan data breach, Italy bans ChatGPT and WordPress Elementor Pro exploit
- ChatGPT data leak and Gmail message theft by North Korean hackers
- U.S. federal agency hack and the return of FakeCalls Android malware
- Massive AT&T data breach and fake jobs targeting security researchers
- U.S. Marshals service breach and TPM 2.0 security flaws
- Dangerous ChatGPT apps and food giant Dole ransomware attack
- GoDaddy malware installations, record-breaking DDoS attack and the new WhiskerSpy malware
- Reddit’s employees phished, healthcare firms targeted and the new Screenshotter malware
- JD Sports data breached, VMware ESXi servers attacked and the HeadCrab malware
- Yandex source code leaked, 4500+ WordPress sites hacked and the new SwiftSlicer malware
- PayPal accounts breached, Fortinet VPN flaw exploited, and the new Hook malware
- Twitter users’ emails leaked, ChatGPT used to write malware and Slack’s repository breach
We’ll customize our demo to your
- Security awareness goals
- Existing security and employee training tools
- Industry and compliance requirements
