Watchtower's Weekly InfoSec Round-up: August 13 to August 19


In the Watchtower Weekly InfoSec Roundup, we summarize the latest information security news, breaches, vulnerabilities & advancements. In this week's edition:

  • Database leaked 1M fingerprints.

  • Critical flaw affects all Windows devices.

  • Cerberus banking trojan for rent.

Read these stories and other timely infosec news below.

Cyber Attacks & Breaches

  • BioStar 2 database leaked one million fingerprints, facial recognition data
    (SC Magazine) August 14th
    A breach in a database of biometric security smart lock platform Suprema BioStar 2 exposed more than one million fingerprint records as well as facial recognition information and other sensitive data. The web-based system is used by the likes of the U.K. Metropolitan Police to control access to physical facilities and manage users permissions. 

  • Hackers Demand $1M in Grays Harbor Ransomware Attack
    (Health IT Security) August 14th
    Hackers infected Washington-based Grays Harbor Community Hospital and Harbor Medical Group with ransomware and demanded a payment of $1 million to unlock patient files, according to a report from the Daily World.

  • Ransomware strike takes down 23 Texas local government agencies
    (ars Technica) August 19th
    Early on August 16, a total of 23 local government organizations in Texas were hit by a coordinated ransomware attack. The type of ransomware has not been revealed, and Texas officials asserted that no state networks were compromised in the attack.

  • Data breach: ASU accidentally reveals email addresses of 4,000 students
    (AZ Family) August 19th
    Arizona State University has notified 4,000 students that their email addresses "were accidentally revealed" in a large data breach. ASU told the students on Aug. 16 it happened in late July when a university office sent bulk emails about renewing health insurance coverage without masking the identities of the recipients.

  • 700K Guest Records Stolen in Choice Hotels Breach
    (Dark Reading) August 13th
    Hotel franchisor Choice Hotels has confirmed a breach in which attackers stole 700,000 guest records from a publicly available MongoDB database without a password or any authentication.

  • Hy-Vee investigates possible 'data breach'
    (KETV Omaha) August 14th
    HyVee officials said they are investigating a possible “data incident” involving its payment processing systems. HyVee said the possible breach focuses on transactions at some fuel pumps, drive-thru coffee shops and restaurants, including Market Grilles, Market Grille Expresses and the Wahlburgers locations that HyVee owns and operates.

    (Knox Radio) August 13th
    The FBI is investigating a data breach affecting about 18,500 current and former Bismarck Public Schools students and nearly 1,100 employees.

Vulnerabilities & Exploits

  • Security Flaws Discovered in 40 Microsoft-Certified Device Drivers
    (Dark Reading) August 12th
    A security researcher showed that device drivers — the small utility applications that allow particular pieces of hardware to work with an operating system — can bridge critical gaps for legitimate hardware and malicious hackers alike.

  • 8 New HTTP/2 Implementation Flaws Expose Websites to DoS Attacks
    (The Hacker News) August 14th
    Various implementations of HTTP/2, the latest version of the HTTP network protocol, have been found vulnerable to multiple security vulnerabilities affecting the most popular web server software, including Apache, Microsoft's IIS, and NGINX. 

Risks & Warnings

  • Cerberus: A New Android 'Banking Malware For Rent' Emerges
    (The Hacker News) August 13th
    After a few popular Android Trojans like Anubis, Red Alert 2.0, GM bot, and Exobot, quit their malware-as-a-service businesses, a new player has emerged on the Internet with similar capabilities to fill the gap, offering Android bot rental service to the masses. 

Receive the next edition of Watchtower’s Weekly InfoSec Roundup directly via email by subscribing here.