BTH News 26July2020

This Week In Cybersecurity

This week on Between the Hacks, Garmin is under attack, a Twitter hack update, a data breach involving a university and non-profit cloud vendor, critical Adobe patches, and the DEF CON documentary.


Garmin Ransomware Attack

Garmin, the Kansas-based company best known for its GPS technology for sports, outdoor, automotive, aviation and marine activities, was hit by a ransomware attack on Thursday. The attack is ongoing and Garmin services are still down as of the publication of this article.

Forbes reports, “Garmin is reportedly being asked to pay a $10 million ransom to free its systems from a cyberattack that has taken down many of its services for two days.” Since the attack started, Garmin customers have been unable to log their workout and fitness data with Garmin’s servers. Even worse, pilots reported to ZDNet that they haven't been able to download an up-to-date version of Garmin's aviation database on their Garmin airplane navigational systems, which is an FAA requirement.

On Saturday, July 25th, Garmin tweeted, “We want to extend our sincerest apology for the inconvenience the outage has caused for our customers. We hope this FAQ answers some of the questions you have: http://garmin.com/outage”


Twitter Attackers Had Access to DMs

Twitter continues its investigation of last week’s attack on 130 accounts, as reported by Between the Hacks. Twitter disclosed on Wednesday that attackers had accessed and sent tweets from 45 accounts and accessed the Direct Message (DM) inboxes of 36 of those accounts.

One of those accounts belongs to elected Dutch official Geert Wilders, who said Thursday that he was informed by Twitter that his account was compromised by a hacker, who posted tweets on his account and sent false direct messages in his name, according to Yahoo!.

Reuters reports, “more than a thousand Twitter employees and contractors as of earlier this year had access to internal tools that could change user account settings and hand control to others, two former employees said, making it hard to defend against the hacking that occurred last week.”


University and Non-Profit Data Breach

Blackbaud, a US-based cloud provider that primarily serves educational institutions and nonprofits, disclosed that it sustained an attempted ransomware attack in May during which the attackers were able to exfiltrate some customer data, the BBC reports.

In a disclosure statement, Blackbaud wrote that it discovered a ransomware attack in May of 2020. The Blackbaud team stopped the attackers from encrypting Blackbaud data, thereby thwarting the ransomware attack; however, the attackers “removed a copy of a subset of data from our self-hosted environment. The cybercriminal did not access credit card information, bank account information, or social security numbers.”

Even though the ransomware attack was thwarted, Blackbaud paid a ransom to the criminals to prevent any further leakage of the stolen data. Blackbaud stated, “we have no reason to believe that any data went beyond the cybercriminal, was or will be misused; or will be disseminated or otherwise made available publicly.”

According to the BBC, at least 10 universities in the UK, US and Canada have had data stolen about students and/or alumni. Human Rights Watch and the children's mental health charity, Young Minds, have also confirmed they were affected.


Adobe Patches Critical Photoshop Vulnerabilities and Forces MFA on Magento

This week, Adobe released out-of-band patches for more than twelve vulnerabilities affecting Photoshop, Bridge, and Prelude, Threatpost reports. “Several of the critical flaws are tied to Adobe’s popular Photoshop photo-editing software and allow adversaries to execute arbitrary code on targeted Windows devices.”

Adobe also announced that it will implement mandatory two-factor authentication (2FA or MFA) for Magento administrator accounts, according to BleepingComputer. Adobe has added 2FA throughout the Magento platform in response to the large number of attacks in which administrator accounts were compromised and used to place skimmer scripts on hacked e-commerce sites to steal customers' credit card data.


Tip of the Week


DEF CON Documentary

With only a few weeks until hacker summer camp, there is still time to register for virtual Black Hat and DEF CON in Safe Mode with Networking. This year, Black Hat will be greatly discounted and DEF CON will be free.

If you’re not familiar with DEF CON, you may want to watch the 2012 documentary (below). The documentary shows a lot of footage from the 2012 conference, such as the keynote speech by General Keith Alexander, Director of the NSA, Chief of the Central Security Service and Commander of U.S. Cyber Command.

WARNING: There is some colorful language so maybe NSFW. Well, you’re probably working from home now so maybe don’t listen around small children or use headphones.

A film about the world's largest hacking convention and its 20th year running. Filmed over the summer of 2012 and containing hundreds of hours of interviews, parties, presentations and spectacle. Over 280 hours of footage was recorded in support of the documentary, and five separate camera crews were in action. Directed by Jason Scott with camerawork by Eddie Codel, Alex Buie, Drew Wallner, Rick Dakan, Steve Fish, Kyle Way and Rachel Lovinger. Produced by Jeff Moss and Russ Rogers.


Picture of the Week

[Image: PhishingAI_JK-April2020.jpg]