Welcome to neoRhino IT Solutions' The Breacher Report, where twice a month we summarize some of the biggest cybersecurity news and data breaches in snippets to keep you informed and aware of what's happening in the world of cybersecurity.

For January 1st-17th, 2020:

  • NSA Discovers Critical Windows 10 Flaw, Gets RickRolled: For the first time in history, Microsoft has released a major patch for Windows 10 as a result of a disclosure from the NSA. The flaw affects not only Windows 10 users but also Windows Server 2016 and 2019 systems. According to the NSA, anyone affected by an attack using this severe flaw would never know that they had been victimized, since the digital signature masquerades as a trusted provider. Not only that, a researcher demonstrated how an exploit of this flaw could occur by replacing GitHub.com and NSA.gov’s websites with a link to Rick Astley’s “Never Gonna Give You Up” music video. While that may be amusing, with Windows 10 being a focal point of technology due to Windows 7 becoming end-of-life, the timing of this attack could not be any worse. Update to the latest patched Windows 10 OS immediately. (CNet, ArsTechnica)
  • Firefox Patches a Zero-Day Security Flaw: Mozilla recently released a new update to its Firefox web browser, Firefox 72, and has already issued a patch for a known security flaw within the latest browser update. The bug lies within the JavaScript source code compiler and can be maliciously exploited in a zero-day attack. Update to Firefox 72.0.1 for the latest patch ASAP. (Sophos)
  • Florida Clinic Endures a Nasty Ransomware Attack: The records of The Center for Facial Restoration were under the thumb of a ransomware attack, in which the attackers demanded ransom payment from the individual victims of the clinic rather than the clinic itself. Reportedly, the attackers threatened to release confidential photos and personal records unless the ransom demand was met. Mitigation is still in progress, but as of now, the attackers may have run off with approximately 3,500 past and current patient records. (HealthITSecurity)
  • Office Sway Becomes a New Phishing Tool: Microsoft’s Sway program, an oft-forgotten portion of Office 365’s program suite that provides a lighter alternative for creating presentations, has now become a haven for hackers to hide bogus phishing sites within a presentation. Unlike other phishing attempts, these attacks do not come in the form of an email attachment, but through a login page link that is hosted on office.com. Fake hyperlinks within may be surrounded by seemingly legitimate logos, and since the email itself comes from an onmicrosoft.com email address, it can bypass spoof filters, making it even more dangerous. (Avanan, HelpNetSecurity)
  • Landry’s Gets Hacked: Landry’s, a popular restaurant chain with over 600 restaurants located across the nation, has been the victim of a credit card breach. Point-of-Sale (POS) malware was found to have been installed on their network as early as January of 2019, and Landry’s has stated that user credit card information could have been compromised only in “rare circumstances.” Landry’s restaurants in the US include Landry’s Seafood, Saltgrass Steak House, Rainforest Café, and Morton’s Steakhouse; since these restaurants tend to have upscale patrons, the possibility of business or corporate credit cards being at risk increases. (BleepingComputer)
  • Sodinokibi Ransomware Still at Large: One of the more dangerous ransomware threats of 2019 was the Sodinokibi ransomware, and its destruction shows no signs of slowing down. A recent string of schools and MSPs (Managed Service Providers) is feeling the burn of Sodinokibi’s wake. Synoptek, a large MSP located in California, is one of the more recent victims of a “credential compromise” from Sodinokibi, in which the company paid the ransom to resume operations as soon as it could. While Synoptek may have been able to get business back up and running, there is never a guarantee of that when paying off a ransomware threat. It’s always better to keep maintained backups in place so you are well-armed should you find yourself at the mercy of a cyber-criminal. (MSSPAlert)
  • Amazon Declares Honey Browser Extension “Harmful”: Many thrifty online shoppers utilize the popular Honey web browser extension to automatically search for coupon codes for use on their favorite websites. However, mega-retailer Amazon has alerted its users that the Honey browser extension is a security risk. This also comes almost directly after Honey was acquired by PayPal, with the final line of Amazon’s alert stating, “Please note that all the same Amazon offers, deals, and coupons are available without this extension installed.” Honey responded by pointing to its Privacy Policy and how it utilizes user data. (The Verge)
  • Verizon Launches New OneSearch Search Engine: This week cellular provider Verizon launched a new search engine with promises of an “unbiased, unfiltered” experience. Verizon states that OneSearch will not keep a record of your searches or share your data with advertisers, and that it offers a “self-destruct” mode after a set period across all its user devices. Considering that this initiative is coming from Verizon Media, which runs the company’s advertising connections, it will be interesting to see how this privacy-first search engine comes along. (CNet)
  • “Fleeceware” Android Apps Flood the Google Play Store: What is “fleeceware”? Fleeceware is a type of Android app that exploits the Play Store’s trial period for apps purchased through the service. Since all paid Android apps have a trial period, users may uninstall the app during the trial if they don’t like it, expecting not to be charged. However, it was found that some app developers did not cancel the respective trial period since they did not receive a request from the user, resulting in more than 600 million users downloading and being charged by fleeceware apps. Many of these apps charged fees as high as $100-200 a year for apps as simple as calculators and code scanners. (ZDNet, Sophos)
  • Microsoft Chromium Edge Browser Launches: Another internet browser launched this week in the form of Microsoft’s update to Windows 10’s Edge web browser, Chromium Edge. If that name sounds a little familiar to you (and the new logo may as well), it is because Microsoft’s new browser utilizes the same engine behind Google’s Chrome web browser. Beyond having a new interface, Chromium Edge promises faster browsing performance, better security, an Internet Explorer-compatibility mode, and an upcoming Collections feature that easily gathers info from web pages to create simple shareable documents. Microsoft will not automatically upgrade its current Edge users to Chromium Edge, but users will need to make sure they are on the latest version of Windows 10 to benefit from the upgrade. Look forward to our blog for our own thoughts on the Chromium Edge experience. (Engadget)

neoRhino’s Remote Managed Services and Advanced Security Packages are here so you can focus on your business needs. You can relax knowing that we are here to protect you. Call us at (281) 779-4850 for a FREE consultation and we can help your business today.