Reading Time: ~ 2 min.

News Site Suffers Data Breach

Flipboard, a news aggregation site, recently revealed that it’s
been the victim of a data
breach
that could affect many of their more than 100 million active users. Digital
tokens were among the compromised data, which could give the attackers further
access to other sites, though Flipboard promptly removed or replaced them. At
least two separate breaches have been reported by Flipboard, with one occurring
in the middle of 2018 and the other in April of this year. Both allowed the
attackers nearly unlimited access to databases containing a wealth of user
data.

Keylogger Targets Multiple Industries

At least two separate campaigns have been found to be
sending malicious
emails
to industry-leading companies in several different areas of
business. Hidden within these emails are two variants of the HawkEye keylogger
that perform various malicious activities beyond simply stealing keystrokes
from the infected device. By acting as a loader, HawkEye can install additional
malware and even contains a script to relaunch itself in case of a system
reboot.

Australian Teen Hacks Apple

A teen from Australia was recently in court to plead guilty
to two separate hacks
on Apple
, which he conducted in hopes of gaining a job with the company.
While Apple has since confirmed that no internal or customer data was breached,
they have chosen leniency after his lawyer made a case for the perpetrator being
remorseful and not understanding the full impact of his crimes.

Fake Crypto-wallets Appear on App Store

Several fake
cryptocurrency wallets
have made their way into the Google Play store
following the latest rise in the value of Bitcoin. Both wallets use some form
of address scam, by which the user transfers currency into a seemingly new
wallet address that was actually designed to siphon off any transferred
currency. The second of the two wallets operated under the guise of being the
“mobile” version of a well-known crypto-wallet. It was quickly identified as fake
due to an inconsistent icon image. Both fake wallets were tied to the same
domain and have since been removed from the store.

Ransomware Focuses on MySQL Servers

While the threat of GandCrab
is not new, organizations discovered its persistent risk after researchers found
it has been refocused on attacking MySQL servers. By specifically targeting the
port used to connect to MySQL servers, port 3306, the attackers have had some success,
since many admins allow port 3306 to bypass their internal firewalls to ensure
connectivity. As GandCrab continues to narrow it’s attack scope, its remaining viable
vectors are likely to be even more lucrative given that most organizations are not
able to secure everything.

The post Cyber News Rundown: Popular News Site Breached appeared first on Webroot Blog.