Avast launched its annual Threat Landscape Report, detailing the biggest security trends facing consumers in 2019 as collected by the Avast Threat Labs team.
“This year, we celebrated the 30th anniversary of the World Wide Web. Fast forward thirty years and the threat landscape is exponentially more complex, and the available attack surface is growing faster than it has at any other point in the history of technology,” commented Ondrej Vlcek, President of Consumer at Avast.
Amid a maelstrom of cybersecurity threats and rampant hacking attempts that leverage the power of the IoT against itself, organizations are forced to realize that they are on the losing side of this war.
As such, market vendors have no choice but to enhance their cybersecurity arsenal with more sophisticated tools which allow a deeper understanding of their users, devices, and systems. This will drive the security analytics market toward an impressive revenue of $12 billion by 2024, according to ABI Research.
Singapore Airlines (SIA) says a software glitch was the cause of a data breach that affected 285 members of its frequent flyer programme, compromising various personal information including passport and flight details.
The “software bug” surfaced after changes were made to the Singapore carrier’s website on January 4 and enabled some of its Krisflyer members to view information belonging to other travellers, SIA told ZDNet in an email.
Read more about the Singapore Airlines data breach on ZDNet.
A group of hackers has published the personal details of hundreds of German politicians, but also German artists and local YouTube celebrities.
The data was uploaded online and later promoted via Twitter, starting a few days before the Christmas holiday. The source of the data appears to be the victims’ smartphones. Details about how the data was stolen and exfiltrated from infected phones remain unclear, at the time of writing. According to German news outlets [1, 2, 3], the leaked data contains names, home addresses, phone numbers, email addresses, photo IDs, personal photos, and personal chat histories.
Read more about the disturbing data leak on ZDNet.
The website of Luas, the tram system operating in Ireland’s capital city of Dublin, has been taken offline this morning after hackers defaced the site and demanded a ransom be paid within five days.
Early morning visitors to the website were greeted with a message from the hackers, claiming that data had been stolen from operator Transdev Ireland, and would be published on the internet unless a ransom demand of one Bitcoin (approximately 3,300 Euros or US $3,800) was paid. In the message, the hackers claim that they previously contacted the tram operator about security vulnerabilities and were aggrieved that they received no response.
Read more about the attack on the Luas website on Tripwire.
A passel of privilege-escalation vulnerabilities in MacPaw’s CleanMyMac X software would allow a local attacker to gain root access to an Apple machine in various ways. CleanMyMac X is a cleanup application for MacOS that optimizes the drives and frees up space by scanning for unused, redundant or unnecessary files and deleting them. No fewer than a dozen flaws plague 4.0 and earlier versions of the software, all of them in the package’s “helper protocol.”
The helper functions of the software run as root functions and the flaws arise from the fact that they can be accessed by applications without validation – thus giving those applications root access.
Read more about the critical flaws in CleanMyMac X software on Threatpost.
Researchers have spotted a new Android malware hidden behind six different Android applications that were available for download in Google Play. The six apps include Flappy Birr Dog, Flappy Bird, FlashLight, Win7Launcher, Win7imulator, and HZPermis Pro Arabe. Out of these six apps, five have been removed from Google Play since February 2018.
However, these applications have been downloaded at least 100,000 times by users across 196 countries with the majority of victims residing in India.
Read more about the massive Android malware campaign on Cyware.
A new version of the NRSMiner is actively spreading in the southern region of Asia. The majority of detections (54%) have been found in Vietnam, followed by Iran (16%) and Malaysia (12%). The new version either updates existing NRSMiner infections, or spreads to new systems using the EternalBlue exploit.
EternalBlue is one of the NSA exploits stolen by the Shadow Brokers and leaked to the public. It was patched by Microsoft in March 2017, leaked by Shadow Brokers in April 2017, and used by WannaCry in May 2017. That EternalBlue is still being used to spread malware nearly two years after it was patched by Microsoft points to a massive failure in patching.
A hacker has stolen the personal details of 7.6 million users of browser-based game the “Town of Salem,” BlankMediaGames (BMG) has admitted in a blog post. The hack came to light after a mysterious person sent a copy of the stolen data to DeHashed, a commercial data breach indexing service.
DeHashed says it spent all the Christmas and New Year holiday trying to contact BMG and alert the game maker of the hack and its still-compromised server. The hacked servers were finally secured and “multiple backdoors removed” this week. The compromised information appears to include, usernames, email addresses, encrypted passwords, IP addresses and more.
Read more about the Town of Salem data breach on ZDNet.
Adobe released security bulletin APSB19-02 that describes two security updates for critical vulnerabilities in Adobe Acrobat and Reader. In these updates only two vulnerabilities were fixed, but they are classified as Critical because they allow privilege escalation and arbitrary code execution.
The first vulnerability was assigned ID CVE-2018-16011 and is a use after free bug that could allow arbitrary code execution. The second vulnerability was assigned CVE-2018-19725 and allows attackers to execute code at a higher privilege level.