As we settle into the new year, it is important than ever to stay diligent about maintaining proper data security measures and to quickly resolve any newly discovered security vulnerabilities. In our latest security digest, we’ve curated news about the FlexBooker data attack, a very dangerous memory corruption vulnerability called Pwnkit, how a cloud storage misconfiguration left sensitive data openly accessible, a great example of why it is important to plug any holes in leaky AWS S3 buckets, and more.
FlexBooker Data Breach Impacts Over 3.7 Million Users
- Accounts of more than three million users of FlexBooker, an appointment scheduling service, were stolen in an attack before the holidays and are being traded on hacker forums. The same intruders are offering databases claiming to be from two other entities: racing media organization Racing.com and Redbourne Group’s rediCASE case management software, both from Australia. All three breaches allegedly occurred a few days before Christmas and the intruder published the data on a hacker forum. Read more at Bleeping Computer.
Huge Linux PolicyKit Security Vulnerability Discover, Called “Pwnkit”
- A serious memory corruption vulnerability in polkit (formerly PolicyKit) has finally been discovered after 12+ years. This program is found in essentially all modern Linux distributions. Security company Qualys has uncovered a truly dangerous memory corruption vulnerability in polkit’s pkexec, CVE-2021-4034. According to Steven Vaughan-Nichols, this vulnerability is “easy to exploit. And, with it, any ordinary user can gain full root privileges on a vulnerable computer by exploiting this vulnerability in its default configuration.” Read more ZDNet.
Insecure Amazon S3 Bucket Exposed Personal Data on 500,000 Ghanaian Graduates
- Authorities in Ghana are investigating an apparent data breach that may have exposed the personal information of hundreds of thousands of citizens of the west African country. Researchers at vpnMentor say they discovered a trove of unencrypted data tied to Ghana’s National Service Secretariat (NSS) in a storage silo from Amazon Web Services (AWS). Read more at The Daily Swig.
Leaky S3 Bucket Exposes Personal Data of 28,000 People
- A server containing full names, email addresses, phone numbers, and supplier information was left open to the public for three years. Audio equipment manufacturer Sennheiser exposed personal data belonging to around 28,000 customers through a misconfigured Amazon Web Services S3 bucket. Read more at ITPro.
Cyber-Attack on Global Affairs Canada
- Global Affairs Canada was hit a day before the Canadian Centre for Cyber Security issued a cyber-threat bulletin urging critical infrastructure operators to strengthen their defenses against known Russian-based cyber-threat activity. The attack came as the United States Department of Homeland Security warned that the US response to a possible Russian invasion of Ukraine could make the US a target of cyber-attacks by the Russian government and its proxies. Read more at Info Security.
Bernalillo County Ransomware Attack Still Felt Weeks Later
- On January 5th, government workers in Bernalillo County discovered that their offices had suffered a devastating ransomware attack. The computer systems in the government offices as well as the websites of several county departments were taken offline by the attack, but it was not announced whether any ransom was paid. The attack impacted the 675,000 residents in Bernalillo County, including those living in New Mexico’s most populous city, Albuquerque. Read more at National Cybersecurity News Today.
Linux Kernel Bug Can Let Hackers Escape Kubernetes Containers
- A vulnerability affecting Linux kernel and tracked as CVE-2022-0185 can be used to escape containers in Kubernetes, giving access to resources on the host system. Security researchers warn that exploiting this security issue is easier and more promising than initially estimated, and that patching is an urgent matter since the exploit code will soon become public. Read more at Bleeping Computer.
Owl fun and facts:
Corporal Cope had an interesting encounter on Saturday on the I-215 West belt in Salt Lake County. This little guy had been struck and injured by a F250 driving in the area. Corporal Cope rescued him, gave him a name (Owlpacino), and took care of him for the night. We hope Owlpacino makes a full recovery! Learn more.
About:
TSD began as an internal newsletter created by our security team that would be circulated to the team each Tuesday. It proved to be a great resource for all of us so we thought, why not share it with all of you? Our hope is that it helps make you just a bit more secure.
Check back here every Tuesday for more TSD or sign up below to stay in the loop!
Please reach out to us directly, via security@cyral.com or follow us on twitter @cyralinc if you have any questions, concerns, tips or anything else!
