Security News > 2020 > October

A vulnerability patched one week ago by Oracle in its WebLogic Server product has already been targeted for exploitation. The vulnerability can be exploited remotely and without authentication, allowing an attacker to execute arbitrary code.

Home Depot has exposed the private order confirmations of hundreds of Canadian consumers, containing names, physical addresses, email addresses, order details and partial credit-card information. After customers began reporting that they had received hundreds of emails from the home-improvement giant, each containing an order confirmation for a stranger, the company confirmed the issue.

The FBI warns of a threat against the healthcare sector from Ryuk ransomware, and one that's already affected some hospitals. The healthcare industry continues to be a prime target for ransomware, so much so that the FBI and two other government agencies are now warning this sector of impending attacks using the infamous Ryuk ransomware.

What I found is that I can ask Waze API for data on a location by sending my latitude and longitude coordinates. Except the essential traffic information, Waze also sends me coordinates of other drivers who are nearby.

The flaw in the console component of the WebLogic Server, CVE-2020-14882, is under active attack, researchers warn. If an organization hasn't updated their Oracle WebLogic servers to protect them against a recently disclosed RCE flaw, researchers have a dire warning: "Assume it has been compromised."

Microsoft has released the KB4580364 non-security update that fixes bugs causing responsiveness issues on affected Windows 10 2004 devices. Windows 10 users who install the KB4580364 release preview update might experience issues with input, might not be able to enter text, or receive unexpected results if using the Microsoft Input Method Editor for Japanese or Chinese languages.

The DoppelPaymer ransomware gang has released unencrypted data stolen from Hall County, Georgia, during a cyberattack earlier this month. On October 7th, Hall County in Georgia announced that they had suffered a ransomware attack that impacted their networks and phone systems.

The Russia-linked cyber-espionage group known as Turla was recently observed targeting a European government organization with a combination of backdoors, security researchers at Accenture reveal. In a recent attack on such an organization in Europe, Turla was observed employing a combination of remote procedure call-based backdoors, including the HyperStack backdoor, and Kazuar and Carbon remote administration Trojans.

Researchers tracking malicious use of parked domains have spotted the Emotet botnet using such domains to deliver malware payloads as part of a large scale phishing campaign. Domain owners park their domains using parking service providers to monetize them via advertisement networks while they're not being used to host an active website or online service.

Motorola will push ThinkShield onto the business end of its smartphone portfolio, as an extension of the security and management programme on Lenovo's laptop and desktop line. ThinkShield for mobile devices consists of four components, with the first being a "Clean OS". In practice, this means Motorola will avoid loading up devices with unnecessary non-stock software, from additional bloatware to UI overlays.