The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any questions? Just ask.

WordPress Backdoor Found on Over 300,000 Machines

Recently, researchers found a WordPress plugin containing a backdoor that could allow criminals to easily access any device on which the plugin is installed (at least 300,000 machines, in this case). Even more worrisome: the backdoor wasn’t discovered until the plugin’s author was cited in a copyright claim over the use of the “WordPress” brand. The WordPress security team quickly updated the plugin and began force-installing it on all compromised sites.

Billions of Credentials Found on Dark Web

In a recent data dump on the Dark Web, researchers have discovered a trove of credentials for at least 1.4 billion users, all of which was stored in plain text and was easily searchable. While some of the data had already been released in a previous data dump, it appears most of the credentials were new and verified as authentic. Unsurprisingly, the dump has also revealed that the majority of users still have incredibly weak passwords. The most common is still “123456”.

Data on Millions of Americans Left Unattended Online

Earlier this year, researchers discovered yet another AWS S3 database left misconfigured and freely available to anyone with AWS credentials. The database belongs to Alteryx, a marketing analytics company, and revealed financial information for at least 123 million Americans. Although, fortunately, the database didn’t contain full names or social security numbers, the 248 available data fields could easily be used to identify specific individuals.

Thousands of Lexmark Printers Left Unsecured

Over 1,000 internet-connected Lexmark printers have been found to have zero security measures; most lacked even a simple password. Additionally, many of these printers have been traced back to prominent companies and even government organizations. And while sensitive information isn’t directly available, hackers could cause major disruptions to the devices’ functions, and could even install malware to remotely capture any print jobs that might contain valuable data.

Android Mobile Game Silently Leaking Data

A relatively new mobile game on the Google Play Store appears to leak sensitive data from both the device’s user and the device itself almost constantly. Dune!, the app, has been downloaded at least 5 million times, and has been known to connect to up to 32 different servers to silently transmit stolen data and access a device’s geolocation data. Along with its true functionality, Dune! carries at least 11 known vulnerabilities that make it prone to additional attacks and further data leakage.


The post Cyber News Rundown: Edition 12/29/17 appeared first on Webroot Threat Blog.