In the Watchtower Weekly InfoSec Roundup, we summarize the latest information security news, breaches, vulnerabilities & advancements. In this week's edition:
Database leaked 1M fingerprints.
Critical flaw affects all Windows devices.
Cerberus banking trojan for rent.
Read these stories and other timely infosec news below.
Cyber Attacks & Breaches
BioStar 2 database leaked one million fingerprints, facial recognition data
(SC Magazine) August 14th
A breach in a database of biometric security smart lock platform Suprema BioStar 2 exposed more than one million fingerprint records as well as facial recognition information and other sensitive data. The web-based system is used by the likes of the U.K. Metropolitan Police to control access to physical facilities and manage users permissions.
Hackers Demand $1M in Grays Harbor Ransomware Attack
(Health IT Security) August 14th
Hackers infected Washington-based Grays Harbor Community Hospital and Harbor Medical Group with ransomware and demanded a payment of $1 million to unlock patient files, according to a report from the Daily World.
Ransomware strike takes down 23 Texas local government agencies
(ars Technica) August 19th
Early on August 16, a total of 23 local government organizations in Texas were hit by a coordinated ransomware attack. The type of ransomware has not been revealed, and Texas officials asserted that no state networks were compromised in the attack.
Data breach: ASU accidentally reveals email addresses of 4,000 students
(AZ Family) August 19th
Arizona State University has notified 4,000 students that their email addresses "were accidentally revealed" in a large data breach. ASU told the students on Aug. 16 it happened in late July when a university office sent bulk emails about renewing health insurance coverage without masking the identities of the recipients.
European Central Bank Shuts Down 'BIRD Portal' After Getting Hacked
(The Hacker News) August 16th
The European Central Bank (ECB) confirmed that it had been hit by a cyberattack that involved attackers injecting malware into one of its websites and potentially stealing contact information of its newsletter subscribers.
Michigan Medicine issues alert after data breach exposes personal information of patients
(Click On Detroit) August 17th
Michigan Medicine issued an alert after a data breach exposed the personal information of more than 5,000 people. A link was sent to patients and employees that appeared to be from Michigan Medicine's website but was really a scam. Since the data breach, Michigan Medicine has disabled accounts.
700K Guest Records Stolen in Choice Hotels Breach
(Dark Reading) August 13th
Hotel franchisor Choice Hotels has confirmed a breach in which attackers stole 700,000 guest records from a publicly available MongoDB database without a password or any authentication.
Hy-Vee investigates possible 'data breach'
(KETV Omaha) August 14th
HyVee officials said they are investigating a possible “data incident” involving its payment processing systems. HyVee said the possible breach focuses on transactions at some fuel pumps, drive-thru coffee shops and restaurants, including Market Grilles, Market Grille Expresses and the Wahlburgers locations that HyVee owns and operates.
Data breach exposes information of more than 800 Charleston Co. employees
(Live 5 WCSC) August 13th
The Charleston County Sheriff’s Office has been notified after more than 800 Charleston County employees were part of a data breach because of an inadvertent email which was sent out by a county Human Resources employee.
BISMARCK DATA BREACH
(Knox Radio) August 13th
The FBI is investigating a data breach affecting about 18,500 current and former Bismarck Public Schools students and nearly 1,100 employees.
Vulnerabilities & Exploits
New Critical Security Flaws Affect All Windows Versions, Millions Of Users At Risk -- Update Now
(Forbes) August 13th
Several severe security flaws affecting all Windows versions since Windows XP have just been made public today and Microsoft has barely released the appropriate security update which took 90 days—which is the common disclosure window before vulnerabilities are made public—to develop.
Security Flaws Discovered in 40 Microsoft-Certified Device Drivers
(Dark Reading) August 12th
A security researcher showed that device drivers — the small utility applications that allow particular pieces of hardware to work with an operating system — can bridge critical gaps for legitimate hardware and malicious hackers alike.
8 New HTTP/2 Implementation Flaws Expose Websites to DoS Attacks
(The Hacker News) August 14th
Various implementations of HTTP/2, the latest version of the HTTP network protocol, have been found vulnerable to multiple security vulnerabilities affecting the most popular web server software, including Apache, Microsoft's IIS, and NGINX.
Researchers Show How SQLite Can Be Modified to Attack Apps
(Dark Reading) August 12th
Researchers have developed a new technique that shows how attackers can reliably trigger and exploit a wide range of memory safety issues in the SQLite engine using nothing other than the SQL language.
Risks & Warnings
Cerberus: A New Android 'Banking Malware For Rent' Emerges
(The Hacker News) August 13th
After a few popular Android Trojans like Anubis, Red Alert 2.0, GM bot, and Exobot, quit their malware-as-a-service businesses, a new player has emerged on the Internet with similar capabilities to fill the gap, offering Android bot rental service to the masses.
Hackers have worked out how to exploit security flaws to get users' data from gay hook-up and threesome apps Grindr, Romeo, Recon and 3Fun
(Daily Mail) August 13th
Users of hook-up apps risk being blackmailed by hackers who have worked out how to exploit security flaws to steal users' data. Security experts have issued a warning after three gay hookup apps and a threesome app were found to expose users' exact locations, just by knowing the publicly available username.
Hackers can turn headphones into ‘acoustic weapons,’ cybersecurity expert warns
(New York Post) August 13th
According to Wired, cybersecurity research lead at the technology consulting firm PWC UK, Matt Wixey, demonstrated that everyday speakers can be infected with malware that makes them emit dangerously high or low frequencies.