Malware Discovered in Chinese Tax Software
Researchers have found multiple backdoors in mandatory tax software
installed on all Chinese business systems as part of an official Chinese
tax initiative. The new malware is called GoldenHelper,
in a nod to the command-and-control domain tax-helper.ltd, and has been in
active development and use since 2018. The latest campaign, dubbed GoldenSpy, is
adept at avoiding detection and began within months of the old
command-and-control servers going offline.
Texas Collections Company Suffers Data Breach
The Texas billing and collection company Benefits
Recovery Specialists Inc. has announced that a breach involving data on
over 250,000 customers occurred in April. The breach leaked personally
identifiable information, including Social Security numbers, birthdates and
physical addresses, that could all be used to launch additional attacks. Affected
clients began receiving notifications about the breach in June, though the
company has still not shared what malware was installed by the perpetrators.
Microsoft Fixes 17-Year-Old DNS Flaw
Microsoft has finally identified and resolved a major vulnerability that
had been active and exploitable for nearly 17 years and that involves a worm-like
transmission requiring no human interaction. With the help of a third-party
security firm, Microsoft was able to patch the vulnerability before it caused
significant damage, though malicious actors certainly had the time to
use the flaw to run any number of malicious executables on an endless
string of compromised machines.
UK Ticket Provider Leaves 4.8 Million Logins Unsecured
A collection of roughly 4.8 million login credentials has
been found in a leaked database belonging to a major UK
ticket provider serving customers around the world. Among the credentials
were domains belonging to several government agencies, along with millions of consumer
webmail users. The site has also been targeted in the past by attackers looking
to deface the website and has been called vulnerable to SQL injection should
attackers pursue that method.
Wattpad Database Compromises Millions of Users
Officials have been working over the past week to remediate
a data breach that could affect over 200 million users of Wattpad.
The compromised database was listed for $100,000 on a Dark Web sale site, but
was later re-listed with no price. Its owners claim to hold records for over
271 million users. Wattpad has stated that, though personally identifiable information
was revealed in the breach, no financial information was accessible since
Wattpad doesn’t store it directly on its servers.
The post Cyber News Rundown: GoldenSpy appeared first on Webroot Blog.