Security for Everyone!

Sunday Weekly 9

And here comes another issue of the Sunday Weekly… On Mondays!

Nippon Telegraph and Telephone (NTT) announced they had been breached. It seems not a lot of costumers have been impacted, around 600 cloud users, but what is interesting is how the bad actors were able to access: Active Directory services. Here you have the official statement.

Joomla, a popular CMS, has also communicated a recent data breach. This time it was a clear human error that left an unencrypted backup in an Amazon S3 bucket. Information leaked is related to businesses that offer Joomla services. It could include full names, emails, hashed passwords, and IP addresses.

Windows 10 2020 May update is available. Here you will find a list of some of the new features available. Some cool stuff, so check it out.

There is an Android flaw that would allow an attacker to hijack apps. This is a new version of a defect found last year, named Strandhogg. You have all the technical information here for the first version and here for the newer one.

The NSA published a warning about how the Russian GRU is using a vulnerability in operating systems running in ICS equipment. The attack allows one to execute shell commands on the host and network that the system is running on, allowing them to move to another network. It’s a patched vulnerability, but many people still haven’t updated, and maybe that is why the NSA has stressed it out. 

Last but not least, do you remember the data breach Easyjet announced last week? Well, it looks like the first lawsuit arrived.

That’s all for now! Remember to follow me on Twitter and, as usual, stay safe!

Leave a Reply