Cyber Bites

A Virgin Media database containing the personal details of 900,000 people was left unsecured and accessible online for 10 months, the company has admitted. The information was accessed "on at least one occasion" by an unknown user. The database, which was for marketing purposes, contained phone numbers, home and email addresses. Source: BBC

A vulnerability was found in most of the Intel chipsets released in the last five years that could allow an attacker to extract the chipset key stored on the PCH microchip and obtain access to data encrypted with the key. The issue, CVE-2019-0090, was found by Positive Technologies and resides in the Intel Converged Security and Management Engine. Positive Technologies has informed Intel of the problem. Source: SC Magazine

A class-action lawsuit has been filed against gaming company Zynga Inc. over a data breach that exposed the personal information of 173 million users.  The casual-gaming giant, which made its name with Farmville, warned mobile players of Words With Friends and Draw Something to update their passwords after the breach occurred in September 2019. Source: Info Security

Boots has suspended payments using loyalty points in shops and online after attempts to break into customers' accounts using stolen passwords. Customers will not be able to use Boots Advantage Card points to pay for products while the issue is dealt with. Boots said none of its own systems were compromised, but attackers had tried to access accounts using reused passwords from other sites. Source: BBC

  Mobile malware attacks are becoming more common as cyber criminals increasingly turn their attention towards smartphones – and they're ensuring that malicious activity is harder to uncover. According to figures in the newly released McAfee Mobile Threat Report, the total number of detections for different types of mobile malware reached over 35 million during the final quarter of 2019, representing a jump of 10 million detections compared with 2018. Source: ZD Net

EMCOR Group (NYSE: EME), a US-based Fortune 500 company specialized in engineering and industrial construction services, disclosed last month a ransomware incident that took down some of its IT systems. The incident took place on February 15 and was identified as an infection with the Ryuk ransomware strain. Details of the attack and the aftermath are not public, but the message announcing the ransomware infection is still present on the company's website almost three weeks...

  Clothing giant J.Crew said an unknown number of customers had their online accounts accessed “by an unauthorized party” almost a year ago, but is only now disclosing the incident. The company said in a filing on Tuesday with the California attorney general that the hacker gained access to the customer accounts in or around April 2019. According to the letter, the hacker obtained information found in customers’ online accounts — including card types, the...

  In a brief blog post here published on Monday in English and Chinese, Qihoo said it discovered the spying campaign by comparing samples of malicious software it had discovered against a trove of CIA digital spy tools released by WikiLeaks in 2017. Qihoo - a major cybersecurity vendor whose research is generally followed for the insight it offers into China’s digital security world - said the Central Intelligence Agency had targeted China’s aviation and...

  A new credential-stealing malware, dubbed ForeLord, has been uncovered in a recent spear phishing campaign. Researchers tie the attack to a known advanced persistence threat (APT) group known as Cobalt Ulster. The emails distributing ForeLord were uncovered as part of a campaign, running between mid-2019 and mid-January 2020. The emails were targeting organizations in Turkey, Jordan, Iraq, as well as global government organizations and unknown entities in Georgia and Azerbaijan, researchers said last week...

  A highly sensitive military database containing the personal details of tens of thousands of Australian Defence Force (ADF) members was shut down for 10 days due to fears it had been hacked. The ABC can reveal Defence Force Recruiting's outsourced electronic records system was taken offline and quarantined from other military networks in February, while IT specialists worked to contain an apparent security breach. Source: Abc