Hacks & Breaches of the Month —May

security breach

Hacks & Breaches of the Month —May

Unfortunately like every other month, we have an extensive list of hacks, data attacks, security breaches and exposed flaws to report on. A short recap and rundown of what you might have missed in consumer personal data leaked and exposed. Read on for the latest May hacks & breaches of the month.

Week 1 (May 1 – 10):

Dell Support software hacked.

Dell computer support assist checks the health of your computer system’s hardware and software. A researcher found a vulnerability noting that hackers could exploit a non-updated version of the tool to take over a user’s computer by gaining code execution at admin level privileges. After the finding was reported, Dell security team and has fixed the bug in its SupportAssist tool. If you have the tool installed we recommend you update it to the latest version.

hacks & breachesCity of Baltimore network down 

For the second time, Baltimore city government computers have been infected by ransomware. Malicious hackers are demanding that a ransom is paid for the safe recovery of encrypted files on the affected computers and servers. Only police and fire departments remained operational. The email systems used by municipal employees, phone lines and online bill payments were impacted by the attack.

hacks & breachesMagento Credit Card Hacking 

Researchers have discovered an ongoing credit card hacking campaign. Over 105 e-commerce websites were identified as running JavaScript which is hosted on the malicious domain magento-analytics[.]com. This JavaScript skims and collects the credit card information used to make the purchase on these sites.

hacks & attacksTwitter Bug exposes users location

Twitter discloses a bug that resulted in an account’s location data being shared with a Twitter partner. Only a portion of the Twitter iOS user base was affected, and have been notified of the issue.

Boost Mobile Accounts Hacked

Boost Mobile owned by Sprint has confirmed hackers broke into an unknown number of customer accounts. The hackers used those phone numbers and account PINs to break into customer accounts using the company’s website Boost.com. A spokesperson for Sprint did not immediately comment. However, the company has sent affected customers a text with a temporary PIN.

hacks & breachesWhatsapp Spyware Attack

WhatsApp urging users to update asap, after a zero-day vulnerability found and exploited by attackers who were able to inject spyware to victims’ phones.

The popular messaging app owned by Facebook, WhatsApp discovered early May that attackers were installing surveillance software on iPhones and Android phones. The company has made a statement, “Monday WhatsApp Advisory has confirmed a security flaw, and since has been patched.” Basically, attackers used the app’s calling function and exploited a vulnerability in the VoIP stack to install the surveillance software. Users are urged to update to the latest version of the app which includes patches to protect against this vulnerability.

hacks & breachesGoogle Recalls Bluetooth Titian security keys 

Google discloses a security bug on its bluetooth security keys. The security these keys are ment to provide can be circumvented by an attacker in close proximity due to a “misconfiguration in the Titan Security Key’s Bluetooth pairing protocols” says the company. Existing users are being provided a free replacement. The bug affects all Titian Bluetooth keys that have T1 or T2 on the back. Google notes security keys are the strongest protection against phishing emails. The company also offers a few tips for mitigating the potential security issues here.

hacks & breachesTeamviewer software hacked 

Teamviewer reports it was compromised in 2016. The software is a popular remote-support tool that allows you to securely share your desktop or take control of other’s PC over the internet from anywhere around the world.

 

hacks & breachesSnapchat Employees Access To Users Accounts 

Reports of Snapchat employees spying on users accounts with a master tool called SnapLion. The tool was developed to allow the company access to user accounts in order to comply with legitimate legal requests from law enforcement. The company has since cracked down on who can access SnapLion.

hacks & breachesCanva Users Data Breach

Graphic design service Canva suffers a data breach of 139 million affected users. The company notified customers through email sent out on May 25th. Canva didn’t say how many records were accessed but the information accessed included user names, emails, and passwords. As always, we remind you to use different passwords for all your applications and digital logins to prevent this king of breach affecting more important online resources like your online banking. We also recommend users to change their passwords now!

 

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *

About SmartFix

We are a family owned business that provides fast, warrantied repairs for all your mobile devices.

Brooklyn Area

2307 Beverley Rd Brooklyn, New York 11226 United States

1000 101-454555
support@smartfix.theme

Store Hours
Mon - Sun 09:00 - 18:00

San Francisco Area

358 Battery Street, 6rd Floor San Francisco, CA 27111

1001 101-454555
support@smartfix.theme

Store Hours
Mon - Sun 09:00 - 18:00