Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On September 01, 2015

August 31, IDG News Service – (International) Russian-speaking hackers breach 97 web sites, many of them dating ones. Security researchers from Hold Security discovered that hackers breached 97 web sites between July and August after analysts found batches of stolen information, including a list of web sites and their vulnerabilities, notes, and large lists of email addresses and unencrypted passwords. Source

August 31, IDG News Service – (International) ‘KeyRaider’ iOS malware targets jailbroken devices. Security researchers from Palo Alto Networks discovered that hackers have compromised over 225,000 Apple user accounts using malware called KeyRaider to target jailbroken devices. The malware steals account usernames, passwords, device identification codes, certificates, private keys, and purchase receipts, and was also observed being used as ransomware. Source

August 31, Securityweek – (International) Vulnerability allowed hackers to hijack Smartsheet accounts. Smartsheet patched an insecure direct object reference vulnerability in its cloud application that could have allowed an attacker to hijack user accounts via the software’s “import users” feature. The application is used by over 65,000 businesses and 5 million users worldwide. Source

August 31, Softpedia – (International) Hackers linked to Russian government impersonate EFF web site to spread malware. Google security researchers discovered that hackers affiliated with Operation Pawn Storm were using spear phishing emails purporting to be from an Electronic Frontier Foundation domain to deliver a recently discovered Java zero-day exploit that would inject the affected system with Sednit malware. Source

August 31, The Register – (International) Cisco ISE carries HTML authentication bug. Cisco discovered a vulnerability in its Identity Services Engine (ISE) in which an attacker could exploit a lack of access control for uploaded HyperText Markup Language (HTML) files to see custom pages an administrator has created, which can include sensitive network and security information. Source

August 31, Securityweek – (International) IBM warns of new CoreBot stealer. Security researchers at IBM discovered a new threat dubbed “CoreBot” that uses a modular plugin system to steal local data from web browsers, applications, File Transfer Protocol (FTP) clients, email clients, and other software after setting up a key in the Microsoft Windows Registry to maintain persistence. The malware also contains a domain generation algorithm (DGA), and can download and execute other threats through Windows PowerShell. Source

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.