Daily Cybersecurity Roundup, September 14, 2020
Leaked user records are often repurposed by cybercriminals in phishing and malware scams to trigger clicks and extract more confidential data from the affected users. Recently, Mailfire, an email marketing tools provider, exposed via an unsecured server the details of 66 million individual push notifications that were sent from its platform in a span of four days. In other news, researchers found one of the largest automated Magecart attack campaigns, which affected nearly 2,000 stores over the weekend. Read on for the key cybersecurity highlights from the weekend.
Researchers from vpnMentor discovered an 882GB database on an unprotected Elasticsearch server belonging to Mailfire. The database contained details of 66 million notifications triggered from more than 70 websites that use its service.
Sanguine Security uncovered one of the largest Magecart attack campaigns that compromised about 2,000 Magento stores in an attempt to steal credit cards.
Artech Information Systems disclosed a breach from January that exposed personal, financial, and health information of clients. The attackers reportedly deployed ransomware after three days of infiltration.
The Development Bank of Seychelles was hit by a ransomware attack. Neither technical details about the ransomware nor whether the attackers exfiltrated any data were disclosed.
Staples, an American office retail firm, sent out breach notification emails to customers whose personal data was compromised in a security breach earlier this month.
Researchers laid bare a phishing scam that aims to steal the login credentials of unsuspecting users by copying text from the Twitter team’s response to the recent attack on its platform.
CISA warned that cyber threat actors affiliated with the Chinese Ministry of State Security are targeting various industries, including high-tech manufacturing, solar energy, and defense, across the U.S. and other countries.
The privacy-focused email service Tutanota apologized after its platform remained inaccessible to its users due to a series of ongoing distributed denial-of-service (DDoS) attacks.
According to a report by Aqua Security, 95% of attacks against cloud systems were aimed at cryptomining, while the rest were aimed at setting up DDoS infrastructure.
Researchers from Temple University collected information on ransomware attacks under a project titled CIRWA, and found that government facilities, followed by education and healthcare, remained the top targets of cybercriminals.