News

After a deadline was missed for receiving a ransom payment, the group behind Maze Ransomware has published almost 700 MB worth of data and files stolen from security staffing firm Allied Universal. We are told this is only 10% of the total files stolen and the rest will be released if a payment is not made. Source: Bleeping Computer

European hotel booking platform provider Gekko Group mistakenly stored over 1 terabyte of information on a publicly configured server, exposing troves of data related to its hotel B2B clients, as well as travel agents and their customers. Source: SC Magazine

Cyber-attack on a hospital in Rouen last week caused "very long delays in care", reports the AFP news agency. Medical staff at the French city's University Hospital Centre (CHU) were forced to abandon PCs as ransomware had made them unusable, a spokesman said. Instead, staff returned to the "old-fashioned method of paper and pencil", said head of communications Remi Heym. Source: BBC

The NSA recently issued an advisory to enterprises that adopt 'break and inspect' technologies to gain visibility over encrypted traffic, warning them of the potential risks of such an approach. In fact, decrypting and re-encrypting traffic through a proxy device, a firewall, intrusion detection or prevention systems (IDS/IPS) that that doesn't properly validate transport layer security (TLS) certificates, for instance, will weaken the end-to-end protection provided by the TLS encryption to the end-users, drastically increasing...

External Key Manager and Key Access Justification are intended to give organizations greater visibility into requests for data access. Google Cloud today debuted new capabilities, External Key Manager and Key Access Justifications, to give customers greater visibility into who requests access to their information and the reasoning behind these requests. They also have the ability to approve or deny them. Source: Dark Reading

Admins and owners of WordPress websites are urged to immediately apply the Jetpack 7.9.1 critical security update to prevent potential attacks that could abuse a vulnerability that has existed since Jetpack 5.1. You can update your installation to the 7.9.1 version through your dashboard, or manually download the Jetpack 7.9.1 release here. Source: Bleeping Computer

The Microsoft Security Response Center (MSRC) warned customers of the threat behind ongoing DoppelPaymer ransomware attacks and reminded them about misleading info on how it spreads. "There is misleading information circulating about Microsoft Teams, along with references to RDP (BlueKeep), as ways in which this malware spreads," MSRC Director of Incident Response Simon Pope says. Source: Bleeping Computer

A hacker hijacked the Twitter account of Arron Banks, chairman of the pro-Brexit UK political campaign organization Leave.EU, and leaked his private message history online earlier this week. The BBC yesterday reported that the culprit had access to thousands of private messages that had been sent and received by Banks over several years. The Register further reported that the hacked Twitter account was used to spread links to a Mega.nz download page that hosted a dump of the messages....

An exposed database belonging to PayMyTab leaked PII on customers who dined at restaurants using the mobile payment system. An anonymous third party discovered the open AWS S3 bucket and brought it to the attention of researchers at vpnMonitor through Helen Foster, a partner at the Davis Wright Tremaine law firm in Washington. Source: SC Magazine

Onapsis, the leading provider of business application protection have revealed new threat research into a recently discovered vulnerability on Oracle E-Business Suite – Oracle PAYDAY. The attack scenarios exploit two vulnerabilities with CVSS scores of 9.9 out of 10 in Oracle EBS, Oracle’s ERP software installed at up to 21,000 companies. Onapsis discovered and reported the vulnerabilities to Oracle, which issued patches earlier this year. Onapsis estimates that 50% of Oracle EBS customers have not...