Today’s hyperconnected world demands tight cybersecurity, but it is often overlooked. An unprotected Chinese database storing hundreds of millions of records was left exposed on the internet. Separately, Italy’s energy agency was hit by a malware attack that forced it to shut down its IT systems and website.
A persistent Golang-based malware campaign leveraged a deep field image taken by the James Webb Space Telescope as a lure to install malicious payloads on infected systems. Meanwhile, the FBI, Secret Service, and the government of Lexington, Kentucky, came together to investigate a cybercrime theft of $4 million in federal funds.
Top Breaches Reported in the Last 24 Hours
Chinese database exposed online
A huge Chinese database containing over 800 million face prints and vehicle license plates was left exposed online for months before it was removed in August. The exposed data belongs to Xinai Electronics, a tech company based in Hangzhou on China’s east coast. According to a security researcher, the database was not password-protected and could be accessed by anyone who knew where to look.
Italy’s energy agency suffers malware attack
Italy’s state-owned energy agency Gestore dei Servizi Energetici SpA (GSE) suffered a malware attack, forcing the agency to shut down its IT systems and websites to protect its data. The agency’s role as a gas buyer of last resort for Italy’s electricity network was not hampered.
Top Malware Reported in the Last 24 Hours
Chinese hackers use ScanBox malware
Hidden malware in images taken by NASA
Security researchers have spotted a new Golang-based malware campaign dubbed GO#WEBBFUSCATOR that relies on malicious documents, phishing emails, and deep field images taken from NASA’s James Webb Space Telescope (JWST) to spread malicious payloads. The threat actor deploys payloads that are not currently flagged as malicious on the VirusTotal scanning platform.
Malicious Chrome extensions discovered
Top Vulnerabilities Reported in the Last 24 Hours
Google Chrome 105 patches high-severity vulnerabilities
Google released Chrome 105, which comes with patches for 24 vulnerabilities, including 13 use-after-free and heap buffer overflow bugs. Of the fixed security bugs, 21 were reported by external researchers, including one critical-, eight high-, nine medium-, and three low-severity vulnerabilities. A total of nine use-after-free issues were resolved with the latest browser update, the most important of which is a critical flaw in the Network Service component. Chrome 105 also patches five high-severity use-after-free vulnerabilities, impacting browser components such as WebSQL, Layout, PhoneHub, and Browser Tag.
WordPress releases patches in its new version
WordPress released version 6.0.2 of its content management system (CMS), with patches for three security bugs, including a high-severity SQL injection vulnerability. Identified in the WordPress Link functionality, the issue only impacts older installations, as the capability is disabled by default on new installations. However, the functionality might still be enabled on millions of legacy WordPress sites even if they are running newer versions of the CMS.
Top Scams Reported in the Last 24 Hours
FBI and Secret Service investigate cybercrime theft
The government of Lexington, Kentucky joined hands with the FBI and Secret Service to investigate $4 million in federal rent assistance and housing funds allegedly stolen by cybercriminals.
Investigators discovered that the threat actors managed to intercept emails between the city and a local community council that needed the funds.
Fraudsters dupe manufacturer
A multinational manufacturing firm that makes paper cups in India was duped out of approximately $68,000 by cyber fraudsters. Allegedly, a scammer hacked the CEO’s email account to send emails to the company’s accounts department and made transactions to an unknown account.