In the Nightfall InfoSec Roundup, we summarize the latest information security news, breaches, vulnerabilities & advancements. In this week's edition:
Two third-party SDKs allowed secret harvesting of Twitter and Facebook user data.
A Microsoft bug allowed for a user login exploit.
New ransomware attacks target NAS drives & backup systems.
Read these stories and other timely infosec news below.
Cyber Attacks & Breaches
Facebook and Twitter say hundreds of users accidentally gave improper access to personal data through third-party apps
(CNBC) November 25th
Facebook and Twitter announced that personal data of hundreds of users may have been improperly accessed after they used their accounts to log in to certain apps.
Vistaprint left a customer service database unprotected, exposing calls, chats and emails
(TechCrunch) November 25th
The database was first detected by exposed device and database search engine Shodan on November 5, but it may have been exposed for longer.
Official: Russian-owned company attempted Ohio election hack
(Associated Press) November 27th
Ohio detected and thwarted an election-related cyber attack earlier this month, the state's elections chief said. The “relatively unsophisticated” hacking attempt on Nov. 5, 2019, originated in Panama but was traced to a Russian-owned company.
Palo Alto Networks hit by data leak
(Techradar) November 28th
The cybersecurity firm Palo Alto Networks has admitted that it suffered a data breach which resulted in the personal data of both past and current employees being leaked online.
Analysis: Louisiana cyberattack disrupts, but not worst-case
(Associated Press) December 1st
One in ten of Louisiana’s 5,000 computer network servers that power operations across state government were damaged by this month’s cyberattack, but it was far from a worst-case scenario.
Millions of SMS messages exposed in database security lapse
(TechCrunch) December 1st
The database stored years of text messages sent and received by TrueDialog's customers and processed by the company. Because the database was left on the internet without a password and none of the data was encrypted, anyone could look inside.
Vulnerabilities & Exploits
How Bluetooth can be an attack gateway
(Techradar) November 26th
Sophisticated hackers with sinister intent have exploited several Bluetooth flaws to steal data or install malware, whether that be via Bluetooth chips, targeting mobile devices or even navigating through car entertainment systems.
Top 25 Most Dangerous Vulnerabilities Refreshed After 8 Years
(Bleeping Computer) November 27th
For the first time in eight years, the DHS list of the 25 most dangerous software vulnerabilities received an update that promises to be relevant for current times.
Vulnerability Allows Hackers to Take Control of ABB Substation Protection Devices
(SecurityWeek) December 2nd
A critical vulnerability affecting some Relion protection devices from ABB can be exploited to take control of a device or cause it to become inoperable, the DHS’s Cybersecurity and Infrastructure Security Agency (CISA) warned last week.
A bug in Microsoft’s login system put users at risk of account hijacks
(TechCrunch) December 2nd
Microsoft has fixed a vulnerability in its login system, which security researchers say could have been used to trick unsuspecting victims into giving over complete access to their online accounts.
Risks & Warnings
Dropbox Phishing Scam: Don’t Get Fooled by Fake Shared Documents
(Hashed Out) November 25th
Hackers use familiar brands like Dropbox to steal login credentials and spread malware.
A hacking group is hijacking Docker systems with exposed API endpoints
(ZDNet) November 26th
A hacking group is currently mass-scanning the internet for exposed Docker containers in order to deploy a cryptocurrency miner on them.
Google caught a Russian state hacker crew uploading badness to the Play Store
(The Register) November 28th
Google has said it fired off 12,000 warnings to unlucky users of its Gmail, Drive and YouTube services telling them that they’re being phished by state-backed hackers.
NAS drives & backup systems attacked by new ransomware attack
(SC Magazine UK) December 2nd
Researchers at Kaspersky have discovered a previously undetected ransomware attack targeting Network Attached Storage (NAS) devices, which poses new risks for the backup data usually stored on them.