Cybersecurity Highlights

Exposed user data from Marriott hotel company

Marriott, one of the largest hotel chains on the planet, issued a statement on November 30, 2018 confirming that it had detected unauthorized access to its customer database on November 19, 2018,...

References:

news.marriott.com

cyberscoop.com

databreachtoday.com

nakedsecurity.sophos.com

elconfidencial.com

computerhoy.com

Tags:

Dell recommends changing passwords after a cyber attack

The U.S. company Dell has announced, through a press release published on its website, that on November 9, 2018 detected unauthorized activity related to the attempted theft of customer data within...

References:

dell.com

cnet.com

zdnet.com

threatpost.com

forbes.com

abc.es

Tags:

Dismantled advertising fraud operation 3ve

Operation 3ve, considered one of the largest online advertising fraud networks, was dismantled following the arrest of 8 suspects on 27 November 2018. Among the 13 charges against them are...

References:

security.googleblog.com

us-cert.gov

welivesecurity.com

gizmodo.com

blogs.protegerse.com

Tags:

U.S. Postal Service exposes data from millions of users

The US Postal Service (USPS) has fixed a vulnerability in its website API, which allowed any registered user to access the personal data and requests of all existing users on the platform, a total...

References:

krebsonsecurity.com

bleepingcomputer.com

thehackernews.com

unaaldia.hispasec.com

lavanguardia.com

VisionDirect suffers data leakage caused by MageCart script

VisionDirect, an online store that sells contact lenses, has reported that it suffered a data leak from November 3-8, 2018. As indicated in their announcement, only people who logged into the...

References:

visiondirect.co.uk

theregister.co.uk

bleepingcomputer.com

sectorx.com.ar

Tags:

e-commerce

Tool

Many Dark Web pages removed by a cyber attack on Daniel's Hosting server

Daniel's Hosting, one of Dark Web's largest hosting service providers, suffered a cyberattack on November 15, 2018 that caused more than 6,500 websites to be deleted. The server's root account was...

References:

danwin1210.me

zdnet.com

technadu.com

bbc.com

laopinion.com

nakedsecurity.sophos.com

blog.segu-info.com.ar

Tags:

Exposed 21,612 records of Kars4Kids users

Security researcher Bob Diackenko has discovered a Kars4Kids users database, a nonprofit, unprotected car donation organization that contained 21,612 records with personal details.The data was...

References:

linkedin.com

news.softpedia.com

scmagazine.com

techcrunch.com

2-spyware.com

Tags:

French cinema chain suffers CEO fraud

Following a lawsuit filed by the CFO of a Dutch branch of the French cinema chain Pathé, it has become public that the company has been the victim of scam known as the CEO fraud.Apparently, the CFO...

References:

forbes.com

databreachtoday.com

Tags:

Pakistan's army suffers from a malware campaign called Operation Shaheen

The security firm Cylance, in collaboration with Pakistan's CERT, published an investigation in which it explains how the group nicknamed White Company, and supposedly sponsored by a state, has...

References:

threatvector.cylance.com

theregister.co.uk

cyberscoop.com

mercadomilitar.com

Tags:

Critical Infrastructure

Malware