Friday Five 8/5
New and dangerous scams are on the rise, your sensitive information may be at risk due to an unlikely party, and tensions between Taiwan and China look to be escalating. Read all about these stories and more in this week’s Friday Five.
1. OVER 3,200 APPS LEAK TWITTER API KEYS, SOME ALLOWING ACCOUNT HIJACKS BY BILL TOULAS
Cybersecurity researchers at CloudSEK have uncovered that over 3,200 mobile apps are exposing Twitter API keys to the public, some of which could allow an account takeover by bad actors. According to researchers, a bad actor in possession of these Twitter authentication keys could perform any of the following actions:
- Read direct messages
- Perform retweets and likes
- Create or delete tweets
- Remove or add new followers
- Access account settings
- Change display picture
According to BleepingComputer, a wide variety of applications with between 50,000 and 500,000 downloads, “including city transportation companions, radio tuners, book readers, event loggers, newspapers, e-banking apps, cycling GPS apps, and more” have all been linked to the issue.
2. FEDERAL COURTS LEFT AMERICANS' DATA EXPOSED, SENATOR TELLS SUPREME COURT CHIEF JUSTICE BY TONYA RILEY
Democratic Senator Ron Wyden out of Oregon, in a letter to U.S. Supreme Court Chief Justice John Roberts, pleaded with federal courts to address their long-lasting negligence of Americans’ personal data. According to Wyden, “Federal court rules — required by Congress — mandate that court filings be scrubbed of personal information before they are publicly available. These rules are not being followed, the courts are not enforcing them, and as a result, each year tens of thousands of Americans are exposed to needless privacy violations.” Wyden’s letter comes in the wake of a recent report released by the Committee on Rules of Practice and Procedure, which highlighted courts’ inconsistent privacy practices.
3. TAIWAN PRESIDENTIAL OFFICE WEBSITE HIT BY ‘OVERSEAS’ DDOS ATTACK BY RYAN MORRISON
The website of Taiwan’s Presidential Office was taken offline for roughly 20 minutes this past Tuesday, according to local reports, after being hit with a DDoS attack that saw site traffic exceed 200 times the normal amount. “In the face of continuous compound information operations by foreign forces, government agencies will continue to strengthen monitoring to maintain national information and communication security and the stable operation of key infrastructure,” said Zhang Dunhan, an official spokesperson for Taiwan’s Presidential Office. The attack came only hours before U.S. Speaker of the House Nancy Pelosi’s scheduled visit to the country.
4. BANK FRAUD SCAMMERS TRICK VICTIMS WITH CLAIMS OF BOGUS ZELLE TRANSFERS BY CHRISTOPHER BOYD
A recent series of social engineering attacks has used fake Zelle payments to trick victims into handing over sensitive banking information to threat actors. The scam begins with a phone call from a supposed fraud team, in which the victim is told that their bank account has been used to transfer $1,000 to a third party located in Texas via Zelle. The threat actors dissuade victims from calling their bank to confirm the fraudulent activity, saying that they will only be redirected to the supposed fraud team they’re currently speaking with, and add a dose of urgency by claiming that more delays could cause the victim to lose more money. Read the full story from Malwarebytes Labs to learn about some of the red flags to watch for in this emerging scam.
5. PHISHERS USE CUSTOM PHISHING KIT TO HIJACK MFA-PROTECTED ENTERPRISE MICROSOFT ACCOUNTS BY ZELJKA ZORZ
Researchers are warning that threat actors are using a large-scale phishing campaign to bypass multi-factor authentication and ultimately hijack enterprise Microsoft accounts. According to the ThreatLabz researchers, URL redirection methods are being used in hopes of evading corporate email URL analysis solutions, and various cloaking and browser fingerprinting methods are being used to avoid automated URL analysis systems. “It has been observed that in the midst of a campaign, attackers will modify the code of a redirect page and update a phishing site’s URL that has been flagged as malicious, to a fresh undetected URL.” Read the full story at Help Net Security to find out more about which industries are affected and the red flags that potential victims should be on the lookout for.