Cyber Bites

The iPhone maker released the latest version of its mobile operating system, iOS 13, last week and the company followed this up with the recent release of iOS 13.1 and iPadOS 13.1. However, Apple has warned users of an issue affecting third-party keyboard apps in a brief advisory, which reads: “Third-party keyboard extensions in iOS can be designed to run entirely standalone, without access to external services, or they can request “full access” to provide additional features...

A new spam campaign is underway that is targeting Chinese recipients to trick them into installing the REvil (Sodinokibi) Ransomware. This spam campaign was discovered by security researcher onion and pretends to be an email from DHL stating that the delivery of a package has been delayed due to an incorrect customs declaration. It then proceeds to inform the recipient that they must download the enclosed "Customs documents", fill them out correctly, and send it back in...

DoorDash has announced a data breach where an unauthorized user was able to gain access to the personal information of 4.9 million consumers, Dashers, and merchants. In a security notice published on their site and through emails being sent to affected users, DoorDash states that an unauthorized party was able to gain access to user data on May 4, 2019. The data is only for users, Dashers, and merchants who joined their platform on or...

An estimated 16,000 WordPress websites are running a plugin that is vulnerable to unauthenticated plugin option updates. WordFence, a WordPress security solution provider, has reported that the plugin Rich Reviews has a vulnerability that is currently being abused and can be exploited to deliver stored cross-site scripting (XSS) payloads. This can result in malvertisements being injected, causing pop up ads and redirects to appear on the site using the plugin. “The Wordfence team is seeing...

Google and Apple recently removed hundreds of apps from their respective app stores after being informed they were actually fronts for gambling operations. While it’s not unusual to find malicious apps, this operation was different in that many of the apps passed through Google and Apple’s vetting process, Trend Micro reported. This was accomplished by essentially delivering two apps in one to the app store reviewer, one good and one bad. The “good” app presents...

Hackers have penetrated cloud computing networks of some 60 percent of top US companies, with virtually all industry sectors hit. Researchers at the enterprise security firm Proofpoint said they detected over 15 million unauthorized login attempts to cloud computing networks of US Fortune 500 firms in the first six months of 2019, of which 400,000 were successful. Source: TechXplore

Yet another online dating data breach was reported, with yet another Elasticsearch server in question. Online dating app Heyyo has left an Elasticsearch server online without password protection. The unsecured server was discovered by security researchers at WizCase. The leak contained private information, including messages, photos, sexual preferences, occupation, and more for over 70,000 registered users worldwide.  Source: SC Magazine UK

The city of Palm Bay is monitoring a possible data breach involving the city’s online utilities payment system. The company that operates the system found evidence of malware that may have compromised the billing information of thousands of customers. The city said the information on Click2Gov is encrypted, meaning if someone attempted to access billing information, it would have to be unlocked. The city is urging customers to monitor their credit card statements for potentially fraudulent...

A botnet has been detected utilizing the recently disclosed vBulletin exploit to secure vulnerable servers so that they cannot be used by other attackers. This allows the botnet to grow their army of compromised servers without fear that other attackers will utilize the same server. On Monday, a zero-day remote code execution vulnerability and exploit for the vBulletin forum software was publicly released. This quickly led to attackers using the exploit to hack into vulnerable vBulletin servers....

Sensitive data on about 20 million Ecuadorian citizens, including some who are deceased, has once again been discovered on an unsecured server, according to security researchers. The latest finding raises additional questions about who has control over Ecuadorians’ personal information and why it wasn’t secured. The data was discovered on a server used by an Ecuadorian company, DataBook, according to Ran Locar and Noam Rotem, Israeli computer programmers who do security research in their free...