TrueFire Guitar Tutoring Website Suffers Magecart-style Credit Card Breach: TrueFire, one of the most famous online guitar tutoring websites, experienced a “Magecart”-style data breach between August 3, 2019, and January 14, 2020. According to the notification that TrueFire revealed on March 9, 2020, an attacker gained unauthorized access to the company’s computer system. Although the company doesn’t store credit card information on its website, the attacker captured credit card information while it was being entered.
To explain briefly what a Magecart data breach is: it is done by compromising websites and inserting malicious JavaScript code into the website’s checkout pages, which captures customers’ payment information and sends it to the attacker’s remote server.
Here is the news: https://thehackernews.com/2020/03/truefire-guitar-tutoring-data-breach.html
It highlights the importance of regularly checking/testing the website for vulnerabilities, especially when it involves CC payments. The malicious java should capture the entry form for banking information before submitting it via HTTPS. Unless the hacker acts like a man-in-the-middle where it has the certificate of the remote secure server and decrypts the HTTPS traffic. What do you think?
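One way to run the regular check discussed above is to compare the scripts on the checkout page with a reviewed baseline, since a Magecart-style skimmer has to appear as a new or changed script. This is an added example, not code from TrueFire or the article; the hosts, paths, baseline format and sample page are constructed.

```javascript
// Added example: audit <script> tags on a checkout page against a reviewed baseline.
// Hosts, paths and the sample page below are constructed for illustration.
const nodeCrypto = require("node:crypto");

const sha256 = (text) =>
  nodeCrypto.createHash("sha256").update(text, "utf8").digest("base64");

// Minimal tag scanner; assumes attribute values do not contain '>'.
function extractScripts(html) {
  const scripts = [];
  const tagRe = /<script\b([^>]*)>([\s\S]*?)<\/script\s*>/gi;
  const attrRe = /([\w-]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;
  for (const tag of html.matchAll(tagRe)) {
    const attrs = {};
    for (const a of tag[1].matchAll(attrRe)) {
      attrs[a[1].toLowerCase()] = a[2] ?? a[3] ?? a[4] ?? "";
    }
    scripts.push({ attrs, body: tag[2] });
  }
  return scripts;
}

function auditCheckoutPage(html, pageUrl, baseline) {
  const findings = [];
  const pageOrigin = new URL(pageUrl).origin;
  for (const { attrs, body } of extractScripts(html)) {
    if ("src" in attrs) {
      const url = new URL(attrs.src, pageUrl);
      if (!baseline.allowedHosts.has(url.hostname)) {
        // Script loaded from a host nobody reviewed.
        findings.push({ type: "unknown-host", detail: url.href });
      } else if (url.origin !== pageOrigin && !attrs.integrity) {
        // Third-party script that can change without the page noticing.
        findings.push({ type: "missing-sri", detail: url.href });
      }
    } else if (body.trim() && !baseline.inlineHashes.has(sha256(body))) {
      // Inline code whose hash was not recorded at review time.
      findings.push({ type: "unreviewed-inline", detail: body.trim().slice(0, 40) });
    }
  }
  return findings;
}

const PAGE_URL = "https://shop.example/checkout";
const REVIEWED_INLINE = "window.checkoutConfig = { currency: 'USD' };";
const BASELINE = {
  allowedHosts: new Set(["shop.example", "js.payments.example"]),
  inlineHashes: new Set([sha256(REVIEWED_INLINE)]),
};
const SAMPLE_PAGE = `<form id="pay" action="/charge" method="post"><input name="card"></form>
<script src="/static/checkout.js"></script>
<script src="https://js.payments.example/v3.js"></script>
<script src="https://js.payments.example/v3-ui.js" integrity="sha384-CONSTRUCTED"></script>
<script>${REVIEWED_INLINE}</script>
<script src="https://cdn.unreviewed.example/analytics.js"></script>
<script>console.log("inline code that is not in the baseline");</script>`;

console.log(auditCheckoutPage(SAMPLE_PAGE, PAGE_URL, BASELINE));
```

Run against the rendered checkout page on a schedule, any finding means the page no longer matches what was reviewed and needs a look before more card data is entered.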
A bug affecting all supported versions of Windows 10 that have applied the February 27 cumulative update KB4535996 – or any of the three subsequent cumulative updates – is preventing these core productivity apps from connecting to the internet.
Devices with this issue might also have issues reaching the internet using applications that use WinHTTP or WinInet. Examples of apps that might be affected on devices in this state are as follows but not limited to Microsoft Teams, Microsoft Office, Office365, Outlook, Internet Explorer 11, and some versions of Microsoft Edge.
Yesterday, I was trying to access Teams and couldn’t. Hope MS will get a fix soon!
https://www.zdnet.com/article/new-windows-10-bug-hits-home-working-outlook-o365-teams-cant-access-internet/
2017 Gitlab Backup Failure
GitLab, which offers libraries of open source code, suffered a terrible backup failure in 2017. An IT Admin deleted one of their primary backup databases by mistake when trying to push an update. Over 300 GB of production data was lost. However, the thing to note is that 5 backup techniques were in use and none of them really functioned as per the need. After the failure, only 4.5 GB of data was restored. As a lesson, it is essential to not only perform regular backups but also conduct restoration tests. In this case, if restoration tests had been conducted, it would have been found that data wasn’t being backed up correctly by the 5 techniques.
https://blog.storagecraft.com/gitlab-backup-failure/
https://www.bleepingcomputer.com/news/security/ransomware-attackers-use-your-cloud-backups-against-you/
In the article, Veeam, which is a well-known backup software, was compromised. Hackers could gain credentials of username and password posting in the dark web. Here are the ways hackers use to gain unauthorized access.
– Compromise the system to break into it via phishing or malware
– Once hackers gain access to the system, they try to gain high-privilege user access
– Using tools like Mimikatz for dumping credentials from Active Directory. In this way, hackers can use some administration configuration on Veeam for Windows authentication
– They attempt to cloud backup storage to restore the victim’s data to servers under the attacker’s control.
– They delete replicate cloud backup to their own network and delete data backup from the victim before using ransomware attack.
To protect against this issue, Veeam recommends using the 3-2-1 rule (have at least three copies of your data, store the copies on two different media, and keep one backup copy offsite).
UK Government Uses Zoom Despite MoD Security
According to this article, the British government is using popular conferencing platform Zoom to conduct Cabinet meetings, despite reported Ministry of Defense (MoD) warnings about the security implications.
The University of Bristol researcher, Andrew Dwyer, raised concerns about previous vulnerabilities uncovered in the platform, and of the firm’s relaxed privacy policies.
Last July, researchers revealed a zero-day bug in the Mac Zoom client which could have allowed hackers to spy on users via their webcams. It took several months for it to fix the bug, which was first reported to the firm in March.
https://www.infosecurity-magazine.com/news/uk-government-zoom-despite-mod/
This article highlights the best cloud storage providers for consumers and businesses in 2020.
Given the multitude of cloud storage providers out there, one has to wisely choose a provider who will offer the maximum amount of low-cost storage and bandwidth, while still keeping your data safe. This list represents our top picks for cloud storage: most offer a free tier allowing you to see if they’re right for you before handing over any hard-earned cash. And it’s iDrive that leads the way thanks to how fast, thorough and easy to use it is. And it’s an added bonus that its Cyber Monday sale pricing is still going strong (for a limited time only):
Here is the top 10 list from this article:
1. iDrive
2. pCloud
3. Zoolz
4. Degoo
5. Mega cloud storage
6. OneDrive
7. iCloud
8. Google Drive
9. Box
10. NextCloud
https://www.techradar.com/news/the-best-cloud-storage
Never-before-seen attackers are targeting Mideast industrial organizations
Researchers for Kaspersky have discovered an attack campaign in the Middle East from an unidentified organization. The malware has no similarities to any other previous malware campaigns and the code is targeting companies that haven’t been targets of other malware attacks. Many of the companies are industrial-related entities and exclusively in the Middle East. The malware is written in C++ and shows clues of being written in other languages as well. The Kaspersky researchers noted that most likely this was someone who studied well-known cases and used techniques of other advanced groups. The article goes to show, remember where your company is operating and the risks associated with that area, much like the Maersk case.
https://arstechnica.com/information-technology/2020/03/never-before-seen-attackers-are-targeting-mideast-industrial-organizations/
https://www.infosecurity-magazine.com/news/covid19-phishing-infected-warning/
The company KnowBe4 discovered a new phishing attack where people are sent an email saying that they may have come into contact with someone who has contracted the virus. The email proceeds with a download attachment that contains malware.
Title: Using Zoom while working from home? Here are the privacy risks to watch out for
In this article, which is quite relevant to us due to the global epidemic we are currently facing, Rae Hodge works to inform us a little about Zoom’s past issues (one of them being a quite significant data breach), as well as some of the more invading privacy features that Zoom has to offer. Since the vast majority of our classes are now hosted on Zoom, it will be to your benefit to remain informed on what Zoom does and doesn’t do for us, especially in regards to privacy.
Source: https://www.cnet.com/news/using-zoom-while-working-from-home-here-are-the-privacy-risks-to-watch-out-for/
Hi, Imran Jordan Kharabsheh
I also read similar articles and Zoom started updating their policies. Inform users that they will not share customer information with third-party partner companies, but they will collect customer information for feedback on the customer experience. Although they have “16 CCPA” required cookie “exits, and 70” feature “and” advertising “cookies.” Experts are still asking Zoom to submit valid review and control evidence.
https://www.securityweek.com/zoom-updates-privacy-policy-after-experts-raise-concerns?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29
Zoom has removed its Facebook SDK (software development kit) after the app was reported to be sending user data to Facebook.
While the Facebook SDK is a common feature for many apps which allows for users to login with their Facebook credentials, the issue among privacy advocates was the lack of transparency in Zoom’s privacy policy. The policy states that user information may be collected, however does not mention that this information would be shared with Facebook.
Zoom has released an updated version of the application, and has also released a statement regarding the information collected by Facebook – data collected did not include anything specific to user meetings, such as attendee names and notes, but rather device information such as iOS version, disk space available, IP address, and device carrier.
https://threatpost.com/zoom-kills-ios-apps-data-sharing-facebook/154275/
Virgin Media data breach.
According to reports, data was leaked from Virgin Media’s 900,000 customers. The reason is that the database is configured incorrectly and the database can be accessed by unauthorized users. The incorrectly configured database began in April 2019, and a ten-month period showed that Virgin Media’s protection and control of the database was insufficient. Virgin Media now faces a £4.5 billion damages lawsuit.
https://www.infosecurity-magazine.com/news/virgin-media-compensation-data/
In 2019, Google reported a 25% drop off in state-sponsored IT attacks. Google will notify companies if they believe an account is the target of a cyber attack. In the article, Google said that 20% of the companies that are attacked once are attacked multiple times and there were many notable bugs that attackers exploited. Many of the zero-day vulnerabilities came from Microsoft IE, Google Chrome, and Windows Kernel. The important aspect to understand here is that even though attacks are down across the board, there are still exploits that can be leveraged to attack individuals or large firms.
https://threatpost.com/nation-state-attacks-google-analysis/154295/
An informal Threatpost reader poll shows the majority of site visitors are privacy absolutists. But attitudes shift when the trade off is saving lives.
One in four respondents to a Threatpost reader poll said they were okay with sacrificing a portion of their personal privacy in exchange for some form of cellphone tracking that could – in theory – reduce coronavirus infection rates and save lives.
https://threatpost.com/covid-19-poll-results-one-in-four-prioritize-health-over-privacy/154218/