The Week in Cyber Security News, Sept. 28 - Oct. 4
01. A security researcher has reverse-engineered an IoT coffee machine to upload ransomware and mine Monero coin.
02. One in five UK employees has downloaded commercially sensitive or confidential company files onto a personal device whilst working from home, and 40% have admitted that these devices had either no password protection or no up-to-date security installed.
03. Cybersecurity researchers have uncovered fresh evidence of a cyberespionage campaign against Indian defense units and armed forces personnel, ongoing since at least 2019, that aims to steal sensitive information.
04. A computer outage at a major hospital chain has thrust healthcare facilities across the US into chaos, with treatment impeded as doctors and nurses already burdened by the coronavirus pandemic were forced to rely on paper backup systems.
05. A US judge has sentenced Yevgeniy Nikulin, who hacked LinkedIn and Formspring in 2012 and stole credentials belonging to 117 million Americans, to more than seven years in prison.
06. The REvil Ransomware (Sodinokibi) operation has deposited $1 million in bitcoins on a Russian-speaking hacker forum to prove to potential affiliates that they mean business.
07. The US Treasury Department's Office of Foreign Assets Control has said that organizations that help ransomware victims make ransom payments face sanctions risks, as their actions could violate OFAC regulations.
08. Between April and September this year, hackers made as much as $15 million by impersonating senior executives at as many as 150 companies, using what appear to be legitimate Microsoft Office 365 email addresses in a bid to make their attacks more successful.
09. Facebook has detailed a wide-scale Chinese malware campaign that targeted its ad platform for years and siphoned $4 million from users’ advertising accounts.
10. Amazon has announced a new payment system that registers an image of the user's palm, letting them pay by hovering their hand in mid-air "for about a second or so" over a scanner.
11. Users of CloudBees' CodeShip are advised to immediately rotate any keys and other secrets in their pipelines after the DevOps solutions provider discovered a long-lasting data breach affecting the continuous integration and deployment (CI/CD) system.
12. LGBTQ dating site Grindr has squashed a security bug in its website that could have been trivially exploited to hijack anyone's profile using just the victim's email address.
13. For almost a year, a threat actor has been using zero-day vulnerabilities to install malware on Tenda routers and build a so-called IoT botnet.
14. A user enumeration technique has been discovered that demonstrates how Gravatar, an online avatar service that lets users set and use an avatar across multiple websites, can be abused for mass data collection of its profiles by web crawlers and bots.
Thanks for visiting SecAlerts and reading our weekly cyber security news roundup. We offer a free weekly CVE alert service, or an hourly service from $US20/mth, both of which include software updates and news relating to your software stack. Join more than 1,300 other users and sign up.