Cyber Bites

Source code from exposed repositories of dozens of companies across various fields of activity (tech, finance, retail, food, eCommerce, manufacturing) is publicly available as a result of misconfigurations in their infrastructure, Bleeping Computer reported. A public repository of leaked code includes big names like Microsoft, Adobe, Lenovo, AMD, Qualcomm, Motorola, Hisilicon (owned by Huawei), Mediatek, GE Appliances, Nintendo, Roblox, Disney, Johnson Controls; and the list keeps growing. The leaks have been collected by Tillie Kottmann,...

The Federal Bureau of Investigation added three network protocols and one web application to its list of newly discovered DDoS attack vectors. In a private industry notification, the Bureau reported that: In February 2020, UK security researchers identified a vulnerability in the built-in network discovery protocols of Jenkins servers—free, open source, automation servers used to support the software development process that cyber actors could exploit to conduct DDoS amplification attacks — according to open source...

The hearing between the US government and four tech giants - Amazon, Apple, Facebook and Google, has been postponed to a later date that has yet to be confirmed, the BBC reports. The hearing will look into these companies' dominance in their respective fields of e-commerce, smartphone software, social media and search. The delay will allow politicians to attend a service in memory of John Lewis, a civil rights activist and congressman.  

A ransomware attack on Blackbaud, a US cloud computing provider, back in May has led to data breaches across numerous universities and NGOs. This includes the University of York, University College London, University of London, Human Rights Watch and Young Minds. As a result of Blackbaud's delay in responding to the incident, it is likely they will face a GDPR investigation, reports Infosecurity Magazine. In an email to the IT Security Guru, Chris Ross, SVP...

An Android application used to control drones possesses a self-update feature that bypasses the Google Play Store which allows it to transfer sensitive data to its manufacturer, Da Jiang Innovations, and potentially the Chinese government. This was confirmed by French researchers at Synacktiv with the GRIMM security research group. “While we can’t prove intent, what we can say is that it could allow to make very serious privacy violations,” GRIMM CEO Brian DeMuth told SC...

Garmin, a wearable device maker, has suffered an outage of its connected services and call centres as a result of a suspected ransomware attack. It was first revealed following a Tweet from the company's Indian branch which announced a shutdown of some servers for planned maintenance. Soon after, the same outage message was shared across Garmin's main social media accounts. According to BleepingComputer, a notification message was issued on the company's website stating: "We are...

Twilio is a cloud communications platform as a service (CPaaS) company that enables communications for over 40,000 companies including Twitter, Netflix, Uber, Airbnb and many more. It allows developers to add various communication tools such as voice, video, and messaging as well as authentication capabilities. However, BleepingComputer has reported that hackers had infiltrated Twilio's TaskRouter JS SDK through misconfigured Amazon AWS S3 buckets and injected malvertising code. "Due to a misconfiguration in the S3 bucket...

Following the great Twitter hack last week, it has been revealed that hackers had viewed the private messages of 36 of the affected accounts. While it has not been announced who these accounts belong to, one is believed to be owned by an elected official in the Netherlands. According to Twitter, no other former or current politician has had their DM accessed. It is not clear how many of the accounts overlap with the 45...

Researchers at Cisco Talos have identified a new botnet dubbed Prometei which has been active since March of this year. They have described the attacks to be a complex campaign utilising multi-modular malware. It has been spreading across compromised networks through SMB exploits, including the EternalBlue exploit for Windows Server Message Block communication protocol. The goal of the attack is to mine for Monero (XMR) cryptocurrency and lock as many systems possible for increased profit,...

During a transfer deal, a Premier League club almost lost £1m and this was only halted because of an intervention by the unnamed club's bank, reports the BBC. A report from the NCSC revealed that the attempted theft came about as a result of an email address hack; specifically, a hack of the Premier League club's managing director email. Hackers also cut off the club's security systems, and blocked turnstiles which almost lead to a...