A selection of this week’s more interesting vulnerability disclosures and cyber security news. Interesting week once again. I will skip any comment on AMD and Facebook, way too much said already and some links below, what I will pick out from my trove of reports are some interesting insights to where bad actors are finding information to use. The first up is an amusing experiment with MongoDB. The interesting facts are that while it was scanned by a number of endpoints, none bothered to progress to attack until it appeared on Shodan. Can we assume from this that attackers focus on a narrow range of targets that match their skill set rather than have a go at anything they can find?
Another project fishing for IAM abuse also finds similar patterns. Attackers interested in certain types of information limit their scopes, again, to a narrow selection of sources.
A curious breach too with this one. We all hear that cryptocurrency mining is now the preference for bad actors to make money, but is it a lost opportunity that a breach of a site that would be exposing a large amount of intellectual property wasn’t actively used, and instead was just used for mining? Curious…
- Hackers Steal Payment Card Data on 880K from Expedia Orbitz Expedia announces a breach exposing 880,000 customer records to the world.
- Puerto Rico’s Electric Utility Hacked in Weekend Attack Service was disrupted but no customer records compromised, officials said.
- Azure Guest Agent Design Enables Plaintext Password Theft Researchers find attackers can abuse the design of Microsoft Azure Guest Agent to recover plaintext administrator passwords.
- Suspending Cambridge Analytica and SCL Group from Facebook So Facebook is still standing by their “this is not a breach” assertion