Cybersecurity Weekly: Wyze data leak, PayPal phishing scam, prison footage leak
IoT company Wyze suffers a data leak affecting millions of customers. An ambitious phishing campaign aims for more than just usernames and passwords. Security camera footage from a prison in Thailand leaks to YouTube. All this, and more, in this week’s edition of Cybersecurity Weekly.
1. Wyze data leak exposed personal data of millions of users
Security camera startup Wyze confirmed it suffered a data leak in December that may have left millions of personal data records exposed on the internet. The data was accidentally exposed while being transferred to a new database because the company failed to maintain security protocols during this process.
2. Ambitious scam wants far more than just PayPal logins
Security researchers have spotted fraudulent websites that impersonate PayPal to trick users into handing over considerably more than their username and password. These phishing sites prompt users for their name, address and full credit card details, as well as answers to common security questions.
3. Security developer creates Wi-Fi hacking module with Pi Zero
A security developer recently shared the design for a Wi-Fi hacking gadget made with a Raspberry Pi Zero W and a portable battery. In his post, he detailed everything needed to recreate his device — including how he used re4son-kernel for Wi-Fi monitoring as well as Aircrack-ng and Bettercap to do most of the heavy lifting.
4. Ransomware shuts down The Heritage Company
The Heritage Company became the latest ransomware victim to temporarily shut down its operations after making a ransom payment. The company’s CEO alerted the 300 employees of the temporary suspension and told them to call the office on January 2 for an update on the status of the recovery.
5. Ryuk Ransomware stops encrypting Linux folders
A new version of the Ryuk Ransomware will purposely avoid encrypting folders commonly seen in Linux and Unix operating systems. The purpose of this is to encrypt the victim’s data without affecting the core functionality of the operating system, which will more often lead to a ransom payment.
6. Prison surveillance footage posted on YouTube
Thailand law enforcement is looking into an incident that resulted in live surveillance footage from a local prison being leaked to YouTube. Authorities didn’t say how the attacker got in, but there was a hint provided: “When installing video surveillance change the standard passwords,” reads a message on the hacker’s YouTube channel.
7. Entercom Radio Network hit by second cyber attack this year
This is the second time the network has had to recover from a security incident after the September ransomware attack that caused significant financial losses earlier in the year. Details about this recent attack have not been released, but the company confirmed the attack caused an outage lasting several hours.
8. Ransomware at IT services provider Synoptek
Synoptek, a California-based IT services provider, suffered a ransomware attack last week that disrupted operations for many of its clients. The company reportedly paid the ransom demand in order to restore operations as quickly as possible. Employees of Synoptek confirmed that the company had been hit by a strain of ransomware called “rEvil.”
9. Hundreds of counterfeit shoe sites hit by Magecart credit card scam
Consumers have been warned to avoid sites that promise too-good-to-be-true discounts, as they risk being hit by a credit card scam. This campaign is another example of Magecart scripts, which were also used last year on high-profile websites, including those owned by Newegg, British Airways and Ticketmaster.
10. Twitter app bug used to match 17 million phone numbers to user accounts
A security researcher matched 17 million phone numbers to Twitter user accounts by exploiting a flaw in Twitter’s Android app. Ibrahim Balic found it was possible to upload lists of auto-generated phone numbers through Twitter’s contact upload feature. The company announced that it is working to “ensure this bug cannot be exploited again.”