Cyber Security News — Past 24 hours | 24.05.2021

Domino’s Data Leak Exposed Data of 18 Crore Orders

The famous Pizza company Dominos suffered a data leak again this year wherein the details of 18 crore orders are made accessible on the dark web, according to some security experts. A hacker alleged that earlier in April he had successfully gained access to Dominos data in the value of 13TB. Data belonging to more than 180,00,000 purchase orders containing telephone numbers, e-mail addresses, and billing information, and user credit card details would be included in the leak. « If you have ever ordered @dominos_india online, your data might be leaked.

Data include Name, Email, Mobile, GPS Location, etc,» Rajaharia tweeted. He said that users’ data were sold for about ten BTC by hackers. The hackers want to create a search engine to enable data to be queried, Gal further added. The data compromised include 10 Lakh credit card details and even addresses of people who have purchased Dominos Pizza.

However, Dominos India had denied leakage of financial information of users in a declaration given to Gadgets 360. « No data about financial information of any person was accessed and the incident has not resulted in any operational or business impact». «As a policy, we do not store financial details or credit card data of our customers, thus no such information has been compromised. »

Source — https://www.ehackingnews.com/2021/05/dominos-data-leak-exposed-data-of-18.html

A malware attack hit the Alaska Health Department

The Alaska health department website was forced offline by a malware attack, officials are investigating the incident. The website of the Alaska health department was forced offline this week by a malware attack. “The health department in a statement late Tuesday said its website was taken offline Monday while an investigation takes place.” reported the Associated Press. “At the end of April, the Alaska court system was hit by a similar attack, on April 29 the attackers placed malware on the system, prompting the IT staff to disconnect online services on May 1. “

“At this time, there are no details about who initiated the attack, why they targeted DHSS, whether this attack is related to any other recent attacks, or how long the website may be down,” the Department of Health and Social Services said in its statement.

Source — https://securityaffairs.co/wordpress/118184/cyber-crime/alaska-health-department-malware.html

Details Disclosed On Critical Flaws Affecting Nagios IT Monitoring Software

Cybersecurity researchers disclosed details about 13 vulnerabilities in the Nagios network monitoring application that could be abused by an adversary to hijack the infrastructure without any operator intervention. Nagios is an open-source IT infrastructure tool analogous to SolarWinds Network Performance Monitor that offers monitoring and alerting services for servers, network cards, applications, and services. The issues, which consist of a mix of authenticated remote code execution and privilege escalation flaws, were discovered and reported to Nagios in October 2020, following which they were remediated in November. «Namely, if we, as attackers, compromise a customer site that is being monitored using a Nagios XI server, we can compromise the telecommunications company’s management server and every other customer that is being monitored,» the researchers said in a write-up published last week.

CVE-2020–28900 — Nagios Fusion and XI privilege escalation from nagios to root via upgrade_to_latest. CVE-2020–28901 — Nagios Fusion privilege escalation from apache to nagios via command injection on component_dir parameter in cmd_subsys. CVE-2020–28902 — Nagios Fusion privilege escalation from apache to nagios via command injection on timezone parameter in cmd_subsys.

CVE-2020–28911 — Nagios Fusion information disclosure: Lower privileged user can authenticate to fused server when credentials are stored

With SolarWinds falling victim to a major supply chain attack last year, targeting a network monitoring platform like Nagios could enable a malicious actor to orchestrate intrusions into corporate networks, laterally expand their access across the IT network, and become an entry point for more sophisticated threats.

Source — https://thehackernews.com/2021/05/details-disclosed-on-critical-flaws.html

What To Do When Your Business Is Hacked

As businesses move to a remote workforce, hackers have increased their activity to capitalize on new security holes. These include phishing emails to harvest credentials and gain easy access to business-critical environments.

What do these steps include?

There is a chance that if you discover ransomware or other evidence of the hack on your network, it may not have made it to all business-critical data and systems. While not pleasant to do so, disclosing security incidents as quickly as possible creates an atmosphere of transparency that generally reflects well on the organization in the long run. Organizations may be liable under compliance regulations to report any breach of security as well. If your business is a victim of a cyberattack, engaging with law enforcement is an important step.

The disaster recovery plan outlines the steps needed to operate the business with degraded systems or missing business-critical data. After discovering a hack of your business, the disaster recovery plan should be enacted. These plans reestablish business continuity as soon as possible. They also get everyone on the same page for streamlining business processes, even in a degraded state.

After system integrity has returned to normal and the imminent security threat has been removed, businesses will want to analyze the attack and remediate any vulnerabilities. No matter how large or small, any type of breach or successful attack should be used to understand where the security posture can be improved. Compromised credentials are a significant root cause of modern data breaches.

Wrapping Up

Data breaches, ransomware infections, and other types of hacks are all too common for businesses today.

Source — https://thehackernews.com/2021/05/what-to-do-when-your-business-is-hacked.html

Stay Focused. Stay Vigilant.

Cyber Threat Incident Management Team — Cyber Security Community @ SLIIT

--

--

--

First they begin with Us..

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

How Synchronized Token Pattern Works?

Napbots Telegram channel scam

Is Houzz “Legal Counsel” Concealing a Data Breach “Befez”?

Designing Privacy

Are we ready for the information war?

secure network management

{UPDATE} 文明起源:模拟经营原始部落 Hack Free Resources Generator

Node and $FORGE rewards update

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
SLIIT CS2

SLIIT CS2

First they begin with Us..

More from Medium

IoT in Agriculture: A Smarter Way to Farm with Internet of Things

IoT in Agriculture

OFAC Checker: A revolutionary sanction list screening app

Remote Browser Isolation — The Next Step in Endpoint Security?

Troubleshoot in k8s