Latest News Articles

--- TLP:WHITE ---
(https://first.org/tlp/)

########################################################
#### CSIRT-IE End of Week Report ####
########################################################

Date   : Friday 24-05-2019 10:00 ; Friday 31-05-2019 10:00

=====================================
= News =
=====================================
− First American Financial Exposed Millions of Sensitive Documents
The website of financial services company First American Financial
until recently exposed hundreds of millions of documents containing
sensitive information, security blogger Brian Krebs reported on Friday.

https://krebsonsecurity.com/2019/05/first-american-financial-corp-leaked
-hundreds-of-millions-of-title-insurance-records/


− Ireland Gets About Double the Average Breach Reports Under GDPR
The Irish Data Protection Commission (DPC) published today the official
number of complaints and data security breaches reported to the Data
Protection Authority (DPA) since the General Data Protection Regulation
(GDPR) was enacted on May 25, 2018. While 3,188 data breaches were
reported to each EU....

https://www.bleepingcomputer.com/news/security/ireland-gets-about-double
-the-average-breach-reports-under-gdpr/	

− Eternally Blue: Baltimore City leaders blame NSA for ransomware
attack
Eternally Blue: Baltimore City leaders blame NSA for ransomware attack

https://news.hitb.org/content/eternally-blue-baltimore-city-leaders-blame-
nsa-ransomware-attack


− POS Malware Steals Users Payment Card Details from Checkers Drive-In
Restaurants
The Checkers and Rally’s Restaurants, Inc disclosed a security breach
that involved with malware on point-of-sale terminals which allowed
hackers to steal payment data. Checkers and Rally’s restaurants operate
in 28 states, and it is one of the largest double drive-thru
restaurants in the United States.

https://gbhackers.com/pos-malware-steals-users-payment-card-details-from-
checkers-drive-in-restaurants/


− Hundreds of Thousands of ‘Pirate’ Sites Disappear Following Takedown
Notices
Hundreds of Thousands of ‘Pirate’ Sites Disappear Following Takedown
Notices

https://news.hitb.org/content/hundreds-thousands-pirate-sites-disappear-
following-takedown-notices

=====================================
= Vulnerabilites =
=====================================

− One Million Devices Vulnerable to BlueKeep as Hackers Scan for
Targets (CVE-2019-0708)
Nearly one million devices are vulnerable to attacks involving the
Windows vulnerability dubbed BlueKeep and it appears that hackers have
already started scanning the web in search of potential targets.

https://www.securityweek.com/one-million-devices-vulnerable-bluekeep-
hackers-scan-targets


− PostgreSQL Remote Code Execution (CVE-2019-9193)
A remote code execution vulnerability exists in PostgreSQL. Successful
exploitation of this vulnerability could result in arbitrary code
execution on the victim machine.

http://www.checkpoint.com/defense/advisories/public/2019/cpai-2019-0658
.html


− SA19052801 Fortinet Products Multiple Vulnerabilities
Multiple vulnerabilities have been identified in Fortinet, which could
be exploited by attackers to cause the following impact(s): Cross-Site
Scripting Elevation of Privilege Security Restriction Bypass Information
Disclosure

https://www.hkcert.org/my_url/en/alert/19052801


− Intezer team finds unknown malware that attacks Linux systems
that, unlike many common strains of malware, which were used to
facilitate DDoS attacks or cryptocurrency mining, HiddenWasp appeared
to be making the Linux systems it attacked available for later use by
the attackers in question. The exact purpose of the whole campaign was
not known or indicated.

https://www.itwire.com/security/intezer-team-finds-unknown-malware-that-
attacks-linux-systems.html


=====================================
= Community News =
=====================================
− EternalBlue reaching new heights since WannaCryptor outbreak
Attack attempts involving the exploit are in hundreds of thousands
daily The post EternalBlue reaching new heights since WannaCryptor
outbreak appeared first on WeLiveSecurity

https://www.welivesecurity.com/2019/05/17/eternalblue-new-heights-
wannacryptor/


− How mainstream media coverage affects vulnerability management
Help Net Security features Tenable Research's latest report about how
media coverage impacts vulnerability management programs.

https://www.helpnetsecurity.com/2019/05/24/media-coverage-vulnerability-
management/


--- TLP:WHITE ---