The Security Digest: #88 – Security Boulevard

A software misconfiguration briefly allowed a hacker to send out thousands of fake emails from an @ic.fbi.gov email account. Over 1 million customers were affected by GoDaddy’s latest data breach. California Pizza Kitchen is under fire for a large database breach that leaked thousands of SSNs. Researchers have found that threat actors are hacking Microsoft Exchange servers.

Over 1 Million People Affected in GoDaddy’s Latest Breach

  • This past Monday, 1.2 million customers of GoDaddy, the world’s largest domain registrar, were affected by the company’s latest database breach, its fifth since 2018. An “unauthorized third party” was able to hack into the company’s systems on Sept. 6 and was not noticed until Nov. 17. “We identified suspicious activity in our Managed WordPress hosting environment and immediately began an investigation with the help of an IT forensics firm and contacted law enforcement,” Demetrius Comes, GoDaddy CISO, said in the website notice. Read more at ThreatPost.

Burnt: California Pizza Kitchen’s Data Breach:

  • California Pizza Kitchen (CPK) has recently announced a widespread data breach that leaked 100,000+ Social Security numbers belonging to active and previous employees. CPK determined that “cybercriminals had infiltrated its systems and gained access to certain files, including employee names and SSNs,” in early October. Read more at TechCrunch.

FBI Hoax Email Blast:

  • On Nov. 13, the Federal Bureau of Investigation confirmed that the fbi.gov domain name and Internet address were used to send out thousands of fake emails about a cybercrime investigation. Someone claiming responsibility for the email blasts explained that it was accomplished by manipulating weak code in an “FBI online portal designed to share information with state and local law enforcement authorities.” Read more at KrebsOnSecurity.

Microsoft Exchange Servers Hacked

  • Trend Micro researchers have found that threat actors are hacking Microsoft Exchange servers through the ProxyShell and ProxyLogon vulnerabilities, then using stolen internal reply-chain emails to distribute malware and bypass detection. The threat actors were able to distribute malicious emails to a company’s internal users using the victim’s compromised Microsoft Exchange servers. Learn more at BleepingComputer.

Owl fun and facts:

The Wisconsin Department of Natural Resources (DNR) reports a rare barn owl nest was documented in Wisconsin for the first time in more than 20 years.

About:

TSD began as an internal newsletter created by our security team that would be circulated to the team each Tuesday. It proved to be a great resource for all of us so we thought, why not share it with all of you? Our hope is that it helps make you just a bit more secure.

Check back here every Tuesday for more TSD or sign up below to stay in the loop!

Please reach out to us directly via [email protected] or follow us on Twitter @cyralinc if you have any questions, concerns, tips or anything else!

The post The Security Digest: #88 appeared first on Cyral.

*** This is a Security Bloggers Network syndicated blog from Blog – Cyral authored by Dylan Broxson. Read the original post at: https://cyral.com/blog/the-security-digest-88/


