Top Weekly Cyber News: May 6-11, 2019

Hi folks! Below you will find the latest news about global incidents, threats and attacks, handpicked by our super XM Cyber team of experts.
SC Magazine – Hackers claim compromise of four AV firms, offer source code for sale
May 10
A high-profile hacking collective claims it compromised the networks of four premier U.S. anti-virus vendors, and is offering to sell their stolen source code for $300,000, according to researchers. [More]

BleepingComputer – U.S. Indicts Chinese Hackers for Anthem Data Breach
May 9
The U.S. Department of Justice has formally charged two members of a hacking group operating in China for illegally accessing computer systems of health insurer Anthem and stealing personally identifiable information (PII) of 78.8 million people. [More]

Cyberscoop – Microsoft SharePoint vulnerability allows hackers to sift through servers, Saudi authorities warn
May 9
Hackers are exploiting a remote code execution vulnerability in Microsoft SharePoint to conduct reconnaissance on the networks of target organizations, a Saudi government cybersecurity agency said Thursday. [More]

Ars Technica – Hackers breached 3 US antivirus companies, researchers reveal
May 9
Source code, network access being sold online by “Fxmsp” collective. [More]

Data Breach Today – New Skimmer Attack Steals Data From Over 100 Ecommerce Sites
May 9
A new skimmer attack that has injected malicious JavaScript into the payment sections of 105 ecommerce websites is stealing credit card and other customer data, security researchers warn. [More]

Data Breach Today – Malware Knocks Out Accounting Software Giant Wolters Kluwer
May 9
Accounting software giant Wolters Kluwer says it’s continuing to attempt to recover from a malware attack that disrupted services for users of its cloud-based services. While some online chatter has suggested that ransomware may have been involved, the company has yet to publicly name the strain of malware involved. [More]

SC Magazine – Hackers hold 275M records on Indian citizens for ransom after removing them from open database
May 9
One week after a researcher revealed a publicly configured database exposing more than 275 million sensitive records on Indian citizens, a hacking group removed that data and replaced it with an apparent ransom note. [More]

The Hacker News – Baltimore City Shuts Down Most of Its Servers After Ransomware Attack
May 8
For the second time in just over a year, the city of Baltimore has been hit by a ransomware attack, affecting its computer network and forcing officials to shut down a majority of its computer servers as a precaution. [More]

Wired – Hackers stole $40 million from Binance cryptocurrency exchange
May 8
Binance is one of the world’s biggest cryptocurrency exchanges. As of Tuesday, it’s now also the scene of a major cryptocurrency theft. In what the company calls a “large-scale security breach,” hackers stole not only 7,000 bitcoin—equivalent to over $40 million—but also some user two-factor authentication codes and API tokens. [More]

The Hacker News – Ongoing Attack Stealing Credit Cards From Over A Hundred Shopping Sites
May 8
Researchers from Chinese cybersecurity firm Qihoo 360’s NetLab have revealed details of an ongoing credit card hacking campaign that is currently stealing payment card information of customers visiting more than 105 e-commerce websites. [More]

The Hacker News – Chinese Hackers Used NSA Hacking Tools Before Shadow Brokers Leaked Them
May 7
In a shocking revelation, it turns out that a hacking group believed to be sponsored by Chinese intelligence had been using some of the zero-day exploits linked to the NSA’s Equation Group almost a year before the mysterious Shadow Brokers group leaked them. [More]

DarkReading – Password Reuse, Misconfiguration Blamed for Repository Compromises
May 6
Armed with stolen credentials from another breach or from a misconfigured file, attackers delete developers’ repositories on GitHub, Bitbucket, and GitLab, leaving behind ransom notes. [More]

The Hacker News – Israel Neutralizes Cyber Attack by Blowing Up A Building With Hackers
May 6
The Israel Defense Force (IDF) claims to have neutralized an “attempted” cyber attack by launching airstrikes on a building in the Gaza Strip from which it says the attack originated. [More]


