Cyber Bites

Ransomware attackers have been abusing a vulnerability in the Windows version of Apple iTunes to avoid detection from antivirus software, according to security researchers. The problem deals with the Apple-created Bonjour updater that comes with iTunes for Windows, which is used to deliver software updates to the app. Security firm Morphisec has discovered it also suffers from an "unquoted path vulnerability," which can cause the Bonjour updater to indiscriminately run a file, whether it be safe or...

Scammers are targeting Australians desperate to get their hands on Apple’s latest premium smartphones, using the promise of an iPhone 11 Pro to lure in unsuspecting victims. The Australian Communications and Media Authority (ACMA) has warned people to be on the lookout for the scam, which uses fake emails to “phish” for information that could be used to steal your identity. Source: NEWS

Nearly a decade after Hillary Clinton began using personal devices and a private email server while Secretary of State – a practice that sparked a heated debate and congressional investigations during the 2016 presidential election cycle – an early impeachment probe into President Trump revealed that diplomats in the administration used WhatsApp and their personal mobile phones to conduct State Department business as it related to Ukraine. Source: SC Magazine

A new modular and malware designed to target diplomatic and government entities was spotted by ESET researchers while being utilized in attacks aimed at Russian-speaking individuals for at least 7 years. The espionage malware strain dubbed Attor by the researchers comes with some unusual capabilities including the use of encrypted modules, Tor-based communications, and a plugin designed for GSM fingerprinting using the AT protocol. Source: Bleeping Computer

Popular prostitution and escort forums in the Netherlands and Italy have suffered data breaches that exposed the usernames, email addresses, and hashed passwords for their registered members. With prostitution and escort services being legal in the Netherlands and Italy, forums have been created that allows users to review services or interact directly with sex workers. Source: Bleeping Computer

29-year old Singapore citizen Ho Jun Jia aka Matthew Ho was charged today under a 14-count indictment for allegedly mining cryptocurrency using stolen Amazon AWS and Google Cloud computing power and services. The defendant who was taken into custody by the Singapore Police Force on September 26, used the credit card and identity information stolen from California and Texas residents to run a large-scale cryptocurrency mining operation. Source: Bleeping Computer

The medical and personal information of about 1 million people was exposed after a breach of Tū Ora Compass Health, a primary health organization (PHO) located in New Zealand. The non-governmental organization (NGO) discovered four intrusions – by what Ministry of Health Director-General of Health Ashley Bloomfield said were two hacktivists and two “more sophisticated actors” – on August 5 after its website was defaced. Source: SC Magazine

Community-based healthcare system Methodist Hospitals from Gary, Indiana, disclosed that sensitive personal and medical information for 68,039 individuals may have been exposed following a successful phishing attack against two of its employees. Methodist provides surgical and medical hospital services, it employs 2,576 individuals, and it reported a total number of 195,055 patient encounters during 2018 according to last year's annual report. Source: Bleeping Computer

Email addresses and phone numbers provided to secure user accounts were accidentally shared with marketers. Twitter account holders who provided an email address or phone number to enable multifactor authentication may have had their data used for advertising purposes, Twitter reports. Source: Dark Reading

The official Sesame Street online store, along with thousands of other retailers, has been targeted by a credit card-stealing hack. Card details were collected by a piece of malicious software, dubbed JavaScript Cookie. The code was found in shopping cart software built by Volusion, which has 20,000 small business customers. The issue was spotted by a security researcher while shopping for toys on the Sesame Street store. Source: BBC News