Nightfall Weekly InfoSec Roundup: July 30 to August 5

Cyber Attacks & Breaches

  • Stockx was Hacked, Exposing Millions of User Records
    (Tech Crunch) August 3rd
    An unnamed data breached seller contacted TechCrunch claiming more than 6.8 million records were stolen from the site in May by a hacker. The seller declined to say how they obtained the data.

  • A cyber-attack gets $700,000 from the City of Naples
    (FOX 4) August 1st
    Fox 4 has confirmed a major cyber-attack on one of Southwest Florida’s most prominent cities. Naples City Manager Charles T. Chapman IV says the city was the victim of a criminal cyber-attack. He says the thieves got away with $700,000.

  • Around 11,000 Summa Health patients PHI possibly got compromised
    (SPAMfighter) July 31st
    Summa Health based in Akron city, Ohio, has discovered that access to email accounts of four employees was gained by an unauthorized individual. Those compromised email accounts contain patients’ PHI (Protected Health Information).

  • Clothing Resale Marketplace Poshmark Announces Data Breach
    (Vice) August 1st
    Poshmark, a website focused on letting people sell used clothes, announced hackers had stolen data from the company. The information stolen includes a customer’s username, first and last name, gender, city, clothes size preference, email address, and hashed password, according to the announcement.

  • Sephora reports data breach, but few details
    (SC Magazine) July 30th
    Sephora is reporting a data breach affecting its customers in the South Pacific and Southeast Asia. The company does not believe any credit card information was involved nor that any of the data exposed has been used in a malicious manner.

  • Nevada students’ information exposed in data breach
    (Las Vegas Review Journal) August 1st
    More than 650,000 Nevada students had personal information exposed in a data breach announced by the state’s two largest school districts, prompting internet safety advocates to urge parental caution with products children use online.

  • 1M Payment Cards Exposed in South Korea Breach
    (Dark Reading) August 1st
    Researchers have detected a significant uptick in the amount of South Korean-issued payment card records, with more than 1 million posted for sale on the Dark Web since May 29.

Vulnerabilities & Exploits

  • Chrome 76 Patches 43 Vulnerabilities
    (SecurityWeek) July 31st
    Google released Chrome 76 to the stable channel with 43 security fixes inside, as well as with other safety and privacy enhancements.

  • DHS Alerts to Remote Vulnerabilities in Multiple VPN Applications
    (Health IT Security) July 30th
    Vulnerabilities found in Palo Alto Networks, FortiGuard, and Pulse Secure Virtual Private Network (VPN) applications could allow a remote attack to take control of the affected systems, according to a recent alert from the Department of Homeland Security.

Risks & Warnings

  • Researchers Discover New Ways to Hack WPA3 Protected WiFi Passwords
    (The Hacker News) August 3rd
    A team of cybersecurity researchers who discovered several severe vulnerabilities, collectively dubbed as Dragonblood, in the newly launched WPA3 WiFi security standard few months ago has now uncovered two more flaws that could allow attackers to hack WiFi passwords.

  • U.S. Issues Hacking Security Alert for Small Planes
    (SecurityWeek) July 30th
    The Department of Homeland Security issued a security alert for small planes, warning that modern flight systems are vulnerable to hacking if someone manages to gain physical access to the aircraft.

  • New Mirai botnet lurks in the Tor network to stay under the radar
    (ZDNet) August 1st
    A new variant of the Mirai botnet has been discovered which utilizes the Tor network to prevent command server takedowns or seizure. Mirai is an Internet of Things (IoT) botnet which has been used in distributed denial-of-service (DDoS) attacks in the past against prominent websites.

  • New Lord exploit kit is spreading ‘Eric’ ransomware, according to Malwarebytes
    (computing) August 5th
    Cybersecurity firm Malwarebytes has warned about a new exploit kit, named Lord, which is spreading ransomware via compromised websites. Lord EK was first spotted on 1st August and it was concluded that this exploit kit was part of a malvertising chain (via the PopCash ad network), using a compromised site to redirect potential victims to a malicious landing page.


Join us next week for the next edition of Nightfall’s Weekly InfoSec Roundup!

Share this post: