Cybersecurity News V. 3.23 – COVID-19 drives cybercrimes, Firefox and Microsoft patch vulnerabilities
Mozilla Firefox security updates
Twelve vulnerabilities were patched by Mozilla in Firefox products. The most critical of them are CVE-2020-6814 and CVE-2020-6815. These are memory and script safety bugs showing evidence of memory corruption or escalation of privilege. With enough effort, they could have been exploited to run arbitrary code.
Netherlands hard drive data breach
The Dutch government has lost hard drives containing the records of almost 7 million organ donors. The drives stored information gathered between 1998 and 2010 by the Dutch Donor Register. The records include details such as full name, gender, date of birth, address, organ donation choice, ID number, and signature. There is no evidence of the data having been used yet.
Coronavirus drives new cyber crimes
The World Health Organization released an advisory warning of different cybercriminal activities involving the outbreak of COVID-19. Besides phishing and social engineering scams, there is a considerable threat of misinformation and online stores selling fraudulent or counterfeit goods. Phishing scams include the distribution of malicious email attachments disguised as real-time maps of the virus's spread, official correspondence, or documents from global healthcare organizations such as WHO. For instance, the UK's National Fraud Intelligence Bureau (NFIB) reported over 21 cases of COVID-19-related fraud schemes.
Cyberattack against Illinois Public Health Agency website
The website of the Champaign-Urbana Public Health District in Illinois was hit by a ransomware attack. The site serves about 210,000 people and could be shut down for almost two weeks. There is no information on the ransomware itself, and it is unclear which data became unavailable. The perpetrator has not yet been identified. The fact that Illinois has almost 20 confirmed coronavirus cases shows that other healthcare agencies involved with the epidemic could face similar threats in the future.
Microsoft Patch day
Microsoft released patches for a total of 115 vulnerabilities, 26 of which are rated critical, although none of them appear to be exploited in the wild. Patched software includes Microsoft Windows, Edge, Internet Explorer, Microsoft Exchange Server, Microsoft Office, Azure, Windows Defender, Visual Studio, and Microsoft Dynamics. The patch bundle also includes a fix for the CVE-2020-0796 vulnerability, which affects Server Message Block 3.1.1 (SMBv3) in Windows 10 and Windows Server 2019. The details of the vulnerability were previously leaked by Microsoft itself due to miscommunication with security companies. These companies published details of the flaw in their advisories, which helped researchers to discover the vulnerability. The flaw looks similar to the SMBv1 vulnerability, which was exploited by WannaCry and NotPetya in 2017.
Czech hospital suffered from cyberattack
The second-biggest hospital in the Czech Republic was hit by a cyberattack. There are no details on its source or nature, with the official hospital tweet stating only that "Basic operation has been preserved, some computer systems are limited," and some scheduled operations would have to be postponed. The facility has been conducting regular tests for the novel coronavirus, and it is still unclear if the hack would affect the hospital’s ability to provide COVID-19 virus tests in the near future.
Slack fixes security flaw that could result in massive data breach
Slack has fixed a bug that could allow malicious actors to create automated bots that could attack the vulnerable Slack asset continuously and steal all reachable data. The essence of the bug was in the possibility of using an HTTP Request Smuggling CL.TE hijack attack on slackb.com and stealing session cookies. Thus, hackers could automate the takeover of arbitrary accounts. The bug was fixed within 24 hours after the initial report.
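In a CL.TE desync the front end frames the request body by Content-Length while the back end frames it by Transfer-Encoding, so a common mitigation is to reject any request whose framing headers are ambiguous. The check below is an added example, not code from Slack or from the original digest; the function name, the strict "chunked only" policy, and the sample requests (host `app.example`) are constructed for illustration.

```python
# Added example: flag request heads whose body framing is ambiguous,
# so a proxy or WAF can reject them instead of forwarding them.
CRLF = b"\r\n"

def framing_findings(raw_head: bytes) -> list[str]:
    """Return the reasons this request head should be rejected (empty if clean)."""
    findings = []
    # Keep only the header section and skip the request line.
    header_lines = raw_head.split(CRLF + CRLF, 1)[0].split(CRLF)[1:]
    content_lengths, transfer_encodings = [], []
    for line in header_lines:
        name, sep, value = line.partition(b":")
        if not sep:
            # Also catches obsolete folded lines that start with whitespace.
            findings.append("malformed header line")
            continue
        if name != name.strip():
            # "Transfer-Encoding : chunked" is parsed differently by different servers.
            findings.append("whitespace around header name")
        key = name.strip().lower()
        if key == b"content-length":
            content_lengths.append(value.strip())
        elif key == b"transfer-encoding":
            transfer_encodings.append(value.strip().lower())
    if content_lengths and transfer_encodings:
        findings.append("both Content-Length and Transfer-Encoding present")
    if len(set(content_lengths)) > 1:
        findings.append("conflicting Content-Length values")
    if any(not v.isdigit() for v in content_lengths):
        findings.append("non-numeric Content-Length")
    # Assumed strict policy: only a plain "chunked" coding is accepted.
    if any(v != b"chunked" for v in transfer_encodings):
        findings.append("Transfer-Encoding is not exactly 'chunked'")
    return findings

# Constructed sample request heads (headers only, no bodies).
NORMAL = (b"POST /submit HTTP/1.1\r\nHost: app.example\r\n"
          b"Content-Length: 11\r\n\r\n")
AMBIGUOUS = (b"POST /submit HTTP/1.1\r\nHost: app.example\r\n"
             b"Content-Length: 4\r\nTransfer-Encoding: chunked\r\n\r\n")
OBFUSCATED = (b"POST /submit HTTP/1.1\r\nHost: app.example\r\n"
              b"Transfer-Encoding : chunked\r\n\r\n")

if __name__ == "__main__":
    for label, head in (("normal", NORMAL), ("ambiguous", AMBIGUOUS),
                        ("obfuscated", OBFUSCATED)):
        print(label, framing_findings(head) or "ok")
```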