fbpx

Advantex Weekly Threat Report – April 15th, 2019

A round-up of the latest cybersecurity threats and vulnerabilities online.

In this weeks ‘Advantex Weekly Threat Report’, we reveal all on the DNS hack affecting Gmail, PayPal and Netflix users, the hack of a popular WordPress plugin, and how Yahoo has pledged £90m in compensation following one of the biggest data breaches in history.

This report is aggregated from recent open source reports online.

 


 

Yahoo Pledges £90m in Compensation Fund

Yahoo has pledged £90m towards compensating the victims of a series of huge cyber attacks that struck the company between 2013 and 2016.

The attacks compromised the personal details of over 3 billion user accounts, making it one of, if not the biggest data breaches in history.

Yahoo, which merged with AOL back in 2016 after it was acquired by Verizon said:

“The settlement demonstrates our strong commitment to security.”

The revised £90m package includes £55m for compensating victims of the attack and a further £25m for monitoring, pledging their commitment to security.

 


 

Gmail, Netflix and PayPal Users Targeted In DNS Hijacking Campaign

It has been discovered that home routers such as those manufactured by D-Link have been targeted by DNS hijacking.

On April 5th, researchers identified a new wave of DNS hijacking and detected two additional illicit and rogue DNS servers: 195.128.124.150 and 195.128.124.181.

The hackers carried out these attacks with the hope that users would be deceived by replica versions of their favourite and well-known websites. But once a user inputted their data, it was instantaneously skimmed and stolen by hackers, leaving them vulnerable to fraud and various other cyber crimes.

Which Sites Are Affected?

  • paypal.com
  • gmail.com
  • uber.com
  • netflix.com
  • hostgator.com.br
  • kinghost.com.br
  • uolhost.uol.com.br
  • locaweb.com.br
  • caixa.gov.br
  • itau.com.br
  • bb.com.br
  • sicredi.com.br
  • cetelem.com.br
  • bancobrasil.com.br
  • santander.com.br
  • pagseguro.uol.com.br
  • santandernet.com.br

What Can I do?

You’re probably wondering what you can do to prevent this, well the folks at Forbes have published this handy article to help secure yours.

In addition, having some form of cybersecurity defence system in place, whether it be at home or in the workplace, is essential in this day and age – as its a matter of when not if an attack happens.

 


 

WordPress Email Plugin Hacked

WordPress email automation plugin, Mailgun has is the latest victim to fall short of the ‘spray-and-pray’ hacking campaign that has been doing the rounds across various WordPress plugins in recent months.

Hackers exploited the unpatched cross-site scripting (XSS) vulnerability in a plugin named ‘Yuzo Related Posts’. Using this back door, hackers were able to implement a malicious code onto the website, which then redirected any incoming traffic to a malicious website.

However, Mailgun was pretty quick to react, disabling the plugin and restoring the website within just a couple of hours.

Mailgun said:

“Today, at approximately 9:00 UTC, the mailgun.com webpage began issuing redirects to sites outside of our domain,”

“We immediately launched an incident to determine the source of the redirects and determined that a plugin for WordPress was responsible for issuing the redirects. We’ve disabled the plugin responsible for this issue.”

Whilst the plugin was disabled, it was still active and working on over 70,000 websites. However, Mailgun has since confirmed that none of its applications including the APIs, Dashboard and customer data was affected by the attack.

 


 

Don’t get caught out, protect your users, data, and technology!

Send us your details below and get a FREE Cybersecurity Consultation!.

We’ll carry out a FREE no-obligation consultation at your business and examine your existing infrastructure and security network(s). As well as examine what you’re currently doing, we will advise on how you can best protect your data – and help prepare you and your business for the imminent threat of a cyberattack.

Don’t take the risk, get in touch today!