Cyware Daily Threat Intelligence, February 24, 2020

Data leaks at large public- or private-sector organizations can have cascading effects. The social community organizing platform Rallyhood exposed an Amazon Web Services (AWS) S3 storage bucket containing 4.1 terabytes of data. The exposed bucket contained millions of user-uploaded files dating back up to ten years. Separately, the Quebec government in Canada disclosed a data theft incident affecting the personal information of around 360,000 teachers in the region.

Among new security threats, researchers at Ruhr-Universität Bochum discovered that a vulnerability in LTE could be exploited to impersonate mobile phone users. This could allow attackers to make fraudulent transactions in the victim’s name or perform identity fraud.

Top Breaches Reported in the Last 24 Hours

Rallyhood breach
Rallyhood, a platform for organizing social communities, left an Amazon Web Services (AWS) S3 storage bucket exposed online. The exposed bucket contained 4.1 terabytes of data, including millions of private user-uploaded files dating back nearly ten years. Some of the files contained sensitive data not meant for the public domain.

360,000 Teachers’ data exposed
The personal information of around 360,000 teachers in Quebec was potentially exposed in a data leak incident disclosed by the Quebec government. According to a statement by the Quebec Treasury Board, the attackers gained access to a database containing personal information after stealing a user code and password.

Ransomware attack on healthcare firm
The home healthcare chain Personal Touch Home Care was affected by a ransomware attack on its cloud-based electronic health records vendor Crossroads Technologies last December. In total, the company filed 17 breach reports, potentially impacting nearly 157,000 individuals.

Jackson Public Schools hacked
Jackson Public Schools in Mississippi was locked out of its computer network due to a cyberattack. The school district covers over 23,000 students and 4,000 staff members. The district’s IT department has temporarily shut down the computer systems because of the ongoing investigation involving the FBI and the Army Corps of Engineers.

Top Malware Reported in the Last 24 Hours

New Oblique RAT
Researchers discovered a malware campaign distributing the new ObliqueRAT through malicious Microsoft Office documents to target government organizations in Southeast Asia. The malware is capable of executing commands, terminating processes, stealing files, and dropping additional files on infected devices.

Top Vulnerabilities Reported in the Last 24 Hours

LTE device impersonation
Researchers at Ruhr-Universität Bochum discovered that a vulnerability in LTE could be exploited to impersonate mobile phone users. This could allow attackers to make fraudulent transactions in the victim’s name or perform identity fraud.

WordPress plugin flaw
The popular WordPress plugin Duplicator, actively used on over 1 million websites, was found to have a severe security flaw that could allow attackers to steal users' personal information. Researchers at Wordfence observed over 60,000 attempts to exploit the flaw in the wild. Duplicator versions prior to 1.3.28 and Duplicator Pro versions prior to 3.8.7.1 were affected by the unauthenticated arbitrary file download vulnerability.

Posted on: February 24, 2020