Security News

Microsoft Exchange Autodiscover bugs leak 100K Windows credentials
2021-09-22 13:00

Bugs in the implementation of Microsoft Exchange's Autodiscover feature have leaked approximately 100,000 login names and passwords for Windows domains worldwide. In a new report by Amit Serper, Guardicore's AVP of Security Research, the researcher reveals how the incorrect implementation of the Autodiscover protocol, rather than a bug in Microsoft Exchange, is causing Windows credentials to be sent to third-party untrusted websites.

Microsoft fixes flaw that could leak data between users of Azure container services
2021-09-09 02:56

Microsoft today revealed it fixed a vulnerability in its Azure Container Instances services that could have been exploited by a malicious user "to access other customers' information." Azure Container Instances is a serverless container environment.

Hackers Leak VPN Account Passwords From 87,000 Fortinet FortiGate Devices
2021-09-09 00:33

Network security solutions provider Fortinet confirmed that a malicious actor had unauthorizedly disclosed VPN login names and passwords associated with 87,000 FortiGate SSL-VPN devices. "These credentials were obtained from systems that remained unpatched against CVE-2018-13379 at the time of the actor's scan. While they may have since been patched, if the passwords were not reset, they remain vulnerable," the company said in a statement on Wednesday.

Hackers leak passwords for 500,000 Fortinet VPN accounts
2021-09-08 19:03

A threat actor has leaked a list of almost 500,000 Fortinet VPN login names and passwords that were allegedly scraped from exploitable devices last summer. While the threat actor states that the exploited Fortinet vulnerability has since been patched, they claim that many VPN credentials are still valid.

McDonald's leaks password for Monopoly VIP database to winners
2021-09-07 14:56

A bug in the McDonald's Monopoly VIP game in the United Kingdom caused the login names and passwords for the game's database to be sent to all winners. After skipping a year due to COVID-19, McDonald's UK launched their popular Monopoly VIP game on August 25th, where customers can enter codes found on purchased food items for a chance to win a prize.

Ransomware gang threatens to leak data if victim contacts FBI, police
2021-09-07 06:28

The Ragnar Locker ransomware group is warning that they will leak stolen data from victims that contact law enforcement authorities, like the FBI. Ragnar Locker has previously hit prominent companies with ransomware attacks, demanding millions of dollars in ransom payments. In an announcement published on Ragnar Locker's darknet leak site this week, the group is threatening to publish full data of victims who seek the help of law enforcement and investigative agencies following a ransomware attack.

Indonesian President's COVID jab cert leaks – authorities argue that's perfectly reasonable
2021-09-06 01:53

Indonesian authorities have admitted that the COVID-19 vaccination certificate of the nation's President has circulated online and tried to explain that it's an indication of admirable transparency, rather than lamentable security. In one camp are those who argue that the document's unplanned public debut is more evidence that Indonesia's government is bad at securing information.

LockBit gang leaks Bangkok Airways data, hits Accenture customers
2021-09-01 07:36

The announcement came after the LockBit ransomware gang had posted a message on their leak site claiming the breach and threatening to publish stolen data unless the ransom was paid. LockBit is the same hacker group that breached global IT consultancy giant Accenture and demanded a $50 million payment to stop the leak of allegedly 6TB of stolen data.

Indonesian authorities probe million-record leak from national COVID app
2021-09-01 05:16

Indonesia's Ministry of Communications and Informatics is investigating a leak of over a million records from the nation's COVID-19 quarantine management app. News of the leak was revealed on August 30th by security review site vpnMentor, which wrote that its research team discovered exposed databases generated by eHAC, an app that is mandatory for use by travellers moving into and out of Indonesia, or within its borders.

40% of SaaS assets are unmanaged, putting companies at risk for data leaks
2021-08-25 04:00

Based on customer data, the findings clearly illustrate there is a magnitude of SaaS data exposure, with 40% of all SaaS assets unmanaged, providing internal, external and public data access. Although cloud-based applications dramatically increase the efficiency and productivity throughout an enterprise, there is a significant threat that is often underestimated by CIOs and CISOs - unchecked and unmanaged data access by the SaaS provider.