
Friday Five: 6/24 Edition

by Nena Giandomenico on Friday July 17, 2020


It’s Friday! Catch up on the top infosec headlines with our weekly news roundup.

1. Necurs botnet resurfaces with added ransomware by Rene Millman

After going quiet for a month, the giant botnet Necurs has resurfaced. It is spreading the Trojan Dridex and has started a Locky ransomware campaign using zip files containing JavaScript that deploys when the files are opened. The version of Locky being used now targets virtual machines that are not properly maintained in order to avoid analysis. Experts had already predicted that the apparent death of the Necurs system back in May was “premature,” but they are unsure whether the current activity indicates a return to normal behaviors or if it is only a temporary surge. Read the full article on SC Magazine UK.

2. LinkedIn data breach blamed for multiple secondary compromises by Steve Ragan

The information leaked from LinkedIn in May has led to an increase in the number of brute force attacks on secondary companies, including one on Citrix last Saturday. Like many of the recent hacks on companies such as MySpace, Twitter, and iMesh, the lack of complex passwords made the original LinkedIn attack easy to execute. The same login information obtained from that breach was recycled for use in Citrix. While these issues can only be solved through awareness, the use of multi-factor authentication can add another layer of protection to account access. For more information, read the full article.

3. 154 million American voters’ records exposed thanks to unsecured database by Ms. Smith

A misconfigured CouchDB instance caused 154 million U.S. voters’ records to be exposed. Vickery determined the leaky database was on Google Cloud Platform and traced it back to a client of L2, a company that claims to be the nation’s “most trusted source for enhanced voter data.” The leaked database included fields for addresses, age, education, estimated income, phone number, and many other personal details. Vickery emailed several L2 email addresses, and the CEO simply gave the excuse that they were hacked. The file that was hacked is from one year ago, and was taken off the site as quickly as possible. For more information about the breach of 154 million American voters’ personal information, read the full article on Network World.

4. Clinton Foundation Said to Be Breached by Russian Hackers by Michael Riley and Jordan Robertson

Another political hack to add to the growing list: The Clinton Foundation was breached by suspected Russian hackers. The attacks on the foundation’s network were first identified by government investigations last week. The hackers used agents' monitor servers to communicate with their targets. Before the Democratic National Committee was breached last week, U.S. officials informed both political parties that experienced hackers were attempting to infiltrate their systems. The hackers sought to obtain data from 4,000 individuals who were associated with U.S. politics. The Clinton campaign was aware that it was being targeted by hackers with links to Russia as early as April. To learn more about the breach of The Clinton Foundation and how the U.S. government is trying to crack down on political hacks and implement stronger cyber security, read the entire article on Bloomberg.

5. University of Greenwich Hacked and Breached Again by Phil Muncaster

The University of Greenwich suffered its second data breach of the year after personal details of students were leaked online by a hacker. The black hat compromised the university’s website and database via a simple SQL injection attack, allowing the hacker to link the compromised data to the dark web. Over 21,000 student email accounts and log-ins were exposed, as well as personal details including full names and contact information. A spreadsheet listing medical problems of some staff and information on students with disabilities was also released. This breach follows another breach in February, when the university posted personal details of postgraduate students, including details on their mental health and other medical conditions, on its public website. For more information on the hack into the University of Greenwich and how they are dealing with the aftermath, read the full article.
