Cyber Bites

PHONE scammers are targeting residents in a county town. The caller claims to represent Amazon Prime, a paid subscription service offered by the online retailer Amazon, giving people access to services such as free two day delivery, when calling homes in Malvern. Source: Worcester News

Netflix subscribers are being warned to show caution after a sophisticated phishing scam was discovered flooding inboxes across the country. The scam ironically mimics 3-step verification - a common digital safety feature used to protect sensitive data online – to trick victims into thinking the email is from Netflix. Source: 9 News

German car rental company Buchbinder exposed the personal information of over 3.1 million customers including federal ministry employees, diplomats, and celebrities, all of it stored within a ten terabytes MSSQL backup database left unsecured on the Internet. Source: Bleeping Computer

A new malware called CARROTBALL, used as a second-stage payload in targeted attacks, was distributed in phishing email attachments delivered to a U.S. government agency and non-US foreign nationals professionally affiliated with current activities in North Korea. Source: Bleeping Computer

Microsoft last December misconfigured five Elasticsearch servers – each one containing the same data set of 250 million customer support records – leaving their information publicly exposed on the internet, according to researchers. The data leak was detailed today in a blog post by pro-consumer website Comparitech and separately disclosed in a Microsoft Security Response Center (MSRC) blog post. Source: SC Magazine

Operated by Lawyers for Liberty, the website appears to have been blocked in Singapore following an order issued after the human rights group failed to comply with a previous correction directive. The group has sued the Singapore government over the order. Source: ZD Net

The new BitPyLock ransomware seems to have stepped up its game, going from targeting individual workstations to spreading to the network in a file-stealing spree. Discovered at the beginning of the month by MalwareHunterTeam, the bug has claimed new victims almost daily. Interestingly, the ransom notes have already evolved to reflect the progressively ambitious aims of threat actors, who are now attempting to steal data before encrypting the machines in order to use it as...

Misconfigured Microsoft cloud databases containing 14 years of customer support logs exposed 250 million records to the open internet for 25 days. The account info dates back as far as 2005 and is as recent as December 2019 — and exposes Microsoft customers to phishing and tech scams. Microsoft said it is in the process of notifying affected customers. The Comparitech security research team said that it ran across five Elasticsearch servers that had been...

In a data breach notification letter to customers, The UPS Store has disclosed that an unauthorized party successfully devised a phishing scheme to gain entry into the email accounts of numerous store locations. The breach exposed information contained within documents that customers emailed to stores for printing and related services, the San Diego-based subsidiary of UPS explained in its communication. In addition to names, this info included government-issued identification and financials, said Jenny Robinson, The UPS Store’s...

Over 2,000 Wordpress sites have been hacked to fuel a campaign to redirect visitors to scam sites containing unwanted browser notification subscriptions, fake surveys, giveaways, and fake Adobe Flash downloads. This hacking campaign was discovered by website security firm Sucuri who detected attackers exploiting vulnerabilities in Wordpress plugins during the third week of January 2020. Sucuri researcher Luke Leak told BleepingComputer that some of the vulnerable plugins seen being exploited are the "CP Contact Form with PayPal" and the "Simple...