TL;DR: The five-year mistake (Week 41)

A Japanese car company left access keys to some of its systems exposed on its GitHub for five years, a US hospital network is battling a ransomware infection, and users of unofficial WhatsApp clients should consider returning to the original. After Slovak airports, US airports also faced a DDoS attack, and AVAST has published decryption keys for the ransomware.

Access keys published

Toyota Motor Company has disclosed a possible leak of the personal data of nearly 300,000 customers who used T-Connect between July 2017 and September 2022. The possible leak arose because access keys to the data were publicly available on the company's GitHub for 5 years.

Ransomware in US hospitals

One of America’s largest hospital networks, CommonSpirit, was the target of a ransomware attack. The attack forced IT departments to shut down part of the infrastructure, resulting in adjustments to patient exam and surgery schedules. Although it has been a week since the attack, hospital operations are reportedly still limited.

Trojan in unofficial WhatsApp client

Kaspersky security researchers have uncovered a Trojanised version of the WhatsApp chat app called YoWhatsUp. The app, which contains the Triad Trojan, allowed attackers to install arbitrary additional malware, steal a WhatsApp account and log the user into paid services without the user being notified.

SHORTS:

  • The cybercrime gang Killnet carried out DDoS attacks on several U.S. airports. The attack successfully knocked out website traffic, making it impossible for airport customers to get information about their flights or to order airport services. Local traffic at the airports was not affected.
  • Mandiant security researchers warn of a new phishing service. The service has an intuitive and simple interface, provides multiple tools including automation, and is inexpensive.
  • DDoS protection from Cloudflare has broken its own record by blocking a 2.5 Tbps attack on the Minecraft server Wynncraft. The Mirai botnet was responsible for the attack.
  • Unknown cybercriminals exploited the Binance Bridge vulnerability and generated $100 million worth of crypto tokens.
  • Intel confirmed the authenticity of leaked source code related to UEFI firmware for the Intel Alder Lake processor.
  • Microsoft is officially rebranding its Office product portfolio to Microsoft 365.
  • AVAST security researchers have released a free decryptor for the MafiaWare666 ransomware.
