Weekly Cyber Security News 03/05/2019

A selection of this week’s more interesting vulnerability disclosures and cyber security news. Over the last few weeks there has been a number of notable code repository poisonings which quite rightly caused alarm at the possible downstream risk. This week though, a mother lode has been struck; Docker Hub. Being home to images for many core systems, and also providing keys to critical parts of the build system, this is highly shocking. Luckily it seems only a small (but still large proportion) of users are affected, and the response to deal with it was rapid, it still gives an uneasy feeling to what could happen if someone struck an even greater prize:

• Docker Hub Database Hack Exposes Sensitive Data of 190K Users

What did you do for World Password Day?

• World Password Day: A day to review your defenses

• 75% of people are stressed about remembering passwords

The more successful fraudsters and scammers play on authority in some way. If someone with a high viz jacket knocks on the door, or an apparent police officer asks you to do something, most would comply without question; and if a famous person makes contact, well, you’d be thrilled right?

• Fraudster Posed as Jason Statham to Prey Upon Star-Struck Users

 

Other news…

• Exposed Database Leaks Addresses, Income Info of Millions of Americans

• Failed blackmail attempt prompts hackers to leak ocean of data belonging to major companies

• KPMG Mexico Could Be Facing Fine of Up to $1.6 Million For Huge Data Leak Blunder

• 50,000 enterprise firms running SAP software vulnerable to attack

• 60 percent of enterprise codebases contain open-source vulnerabilities (ZDNet)

• Botnet of Over 100K Devices Used to DDoS Electrum Servers

• Brit events and info biz Incisive Media admits open server port may have left readers deets exposed (The Register)

• Cartoon Network websites hacked to show Arabic memes and Brazilian male strippers (ZDNet)

• Chinese dev jailed and fined for posting DJI”s private keys on Github

• Citrix Hackers Camped in Tech Giant”s Network for 6 Months (InfoRiskToday)

• D-Link camera vulnerability allows attackers to tap into the video stream

• Dell Computers Exposed to RCE Attacks by SupportAssist Flaws

• Docker Hub Breach: It”s Not the Numbers&#x3b; It”s the Reach (InfoRiskToday)

• Docker Hub hack exposed data of 190,000 users

• FinServ Sees 60% Spike in Business Email Compromise

• GoDaddy Shutters 14,000 Subdomains Tied to ‘Snake Oil’ Scams GoDaddy worked with researchers to shut down 15,000 domain-shadowing websites tied to bogus affiliate marketing offers promoted via spam campaigns.

• Huawei denies existence of backdoors in Vodafone networking equipment (ZDNet)

• If you”re using Oracle”s WebLogic Server, check for security fixes: Bug exploited in the wild to install ransomware

• Job recruitment site Ladders exposed 13 million user profiles

• Law enforcement seizes dark web market after moderator leaks backend credentials (ZDNet)

• Magecart Group 12 Targets OpenCart Websites

• Magecart skimmer scripts hosted on GitHub infected 200+ e-commerce sites

• Malware Infests Popular Pirate Streaming Hardware Hardware that supports pirated video streaming content comes packed with malware.

• Michael Bublé’s Instagram suffers cock-up

• Microsoft PM Explains Why Chromium Edge Can’t Run Google Earth

• Microsoft: We promise you”ll get better controls over how we use your data (ZDNet)

• Mozilla To Disable Firefox Add-Ons with Obfuscated Code

• Mysterious hacker has been selling Windows 0-days to APT groups for three years

• Office 365 Accounts Compromised via ATO Attacks Used in BEC Scams

• Polymorphic Magecart Skimmer Uses Over Fifty Payment Gateways

• Probable Russian Navy covert camera whale discovered by Norwegians

• Ransomware: The key lesson Maersk learned from battling the NotPetya attack (ZDNet)

• Scammers Create Google Search Ads to Lure PayPal, Amazon Clients

• Sinister secret backdoor found in networking gear perfect for government espionage: The Chinese are oh no, wait, it”s Cisco again (The Register)

• Sky Broadband firmware update bricks routers using third-party DNS settings

• Stealing Ethereum by Guessing Weak Private Keys

• There”s NordVPN odd about this, right – Infosec types concerned over strange app traffic (The Register)

• UK Government Announces Cyber Security Ambassador

• UK: Government in email privacy gaffe

• United Airlines covers up seat cameras following passenger privacy outrage

• Vulnerability in Tommy Hilfiger Japan DB Exposes Hundreds of Thousands of Customers to Data Theft

• Oh dear. Huawei enterprise router “backdoor” was Telnet, sighs Vodafone

• Google boots major Android app developer from store for conducting massive ad fraud (ZDNet)

• Google Docs Says Chromium-Based Microsoft Edge Is Not Supported

• Cyptojacking Attacks Target Enterprises With NSA-Linked Exploits

• Over two million IoT devices vulnerable because of P2P component flaws (ZDNet)