Cyber Bites

Edgescan's Senior Security Consultant Guram Javakhishvili has identified numerous vulnerabilities across several popular applications. Some of which have not yet been announced to the public until vendors have implemented the appropriate patches. For the moment, however, five vulnerabilities have been found in the content management system, CMS Made Simple, and has been disclosed. Three of which have been resolved and two remains outstanding. Guram has also discovered three vulnerabilities in LimeSurvey 3.21.1 which have been fixed...

An automated 'meow' attack is circulating the public web targeting dozens of unsecured databases without any explanation or a ransom note. According to BleepingComputer, a simple search on Shodan shows many databases affected by this attack. Many researchers are now scrambling to identify any exposed databases and report them responsibly before they are wiped, or 'meowed'.    

Collating data from government reports, police websites, and news articles across 150 countries, cybersecurity analysts at Comparitech have identified London to be the third most surveilled city in the world. London was only one of two cities, the other being Hyderabad in India, outside of China that ranked in the top 20 most surveilled cities. Of the 770million cameras currently installed across the globe, it was found that 54% were found in China.

According to YorkMix, the personal details of staff and students from the University of York have been stolen by hackers. The US tech company, Blackbaud, which provided the university with a customer management system had suffered a ransomware attack in May of this year. However, they only informed the university on the 16th of June. The university, in turn, only informed those impacted on the 21st of July. Information stolen included phone numbers and email...

According to a report by Check Point, attackers are increasingly leveraging public cloud services to share malicious documents or phishing pages which collect login details. This includes the use of Google Drive but also Microsoft Azure, Microsoft Dynamics and IBM Cloud, finds Bleeping Computer.

WeLiveSecurity yesterday reported that seven Virtual Private Network VPN providers had exposed the personal data of over 20 million users. This is in spite of the fact that they had claimed not to keep any logs of their users online activity. The data leaked included email and home addresses, clear text passwords, IP addresses as well as internet activity logs.    

The largest telecommunications company in Argentina fell victim to a ransomware attack on the 18th of July. The attack was largely contained by the company's IT workers and services such as landlines, mobile phones or the internet do not look to have been affected. However, hackers are now demanding the company pay $7.5 million, or $15million if this is not paid within 48 hours, CoinTelegraph reports.    

According to a report released by the Intelligence and Security Committee, the UK is one of the 'top targets' in the West for Russia. The committee has criticised the government for delaying its release and urges for 'immediate action' to assist intelligence services in tackling this 'capable adversary'. Among other topics covered, the ISC's report looks at disinformation campaigns, cyber tactics as well as Russian expatriates in the UK.

Officials from the Israeli Water Authority have announced that their water management facilities have been hit with two more cyber-attacks. These attacks occurred in June but fortunately, did not cause any damage to the affected organisations. One hit an agricultural water pump in upper Galilee and the second hit water pumps in Mateh Yehuda. Source: ZDNet

A new malware called BlackRock has been recently identified by the cybersecurity firm ThreatFabric. This malware has affected over 337 Android app and utilises an overlay with keylogger functionality on top of the legitimate app. It then encourages users to enter in their payment card details in order to 'access' the app. Moreover, with the app installed, the malware requests permission to the Accessibility feature, allowing bad actors to intercept SMS messages, spam contacts etc....