
Weekly News Digest #28

Dutch data protection authority fines Booking.com €475K

The European Union regulator imposed a €475,000 fine on Booking.com, one of the most popular hotel booking sites in the world, for late reporting of a data breach.

Booking.com has offices in many countries but its headquarters is located in Amsterdam, the Netherlands, and that is why the fine was imposed by the Dutch data protection authority. The credit card details of close to 300 clients were compromised by cybercriminals who also stole the personal data of more than 4,000 customers of the company. 

Booking.com failed to report the data breach within the 72-hour deadline. The company reported the incident on February 4, 2019, a month after it occurred.

Monique Verdier, vice president of the Dutch data protection authority, commented on the incident: “This is a serious violation”. According to Verdier, a data breach can happen anywhere and any company may be exposed to such a threat; however, companies are obliged to report such incidents to prevent further damage to customers.

Since the General Data Protection Regulation entered into force in 2018, this is the eighth fine imposed by the Dutch regulator.


Official PHP Git server compromised

Nikita Popov, a developer and maintainer of the PHP programming language, reported 2 malicious commits added to the php-src repository on Sunday. The commits were signed off under his name and the name of PHP creator Rasmus Lerdorf. According to Popov, the commits were disguised as fixes for common typographical errors.

Contributors caught the change and noted that the malicious code triggered execution of arbitrary code from within the user-agent HTTP header when the string began with Zerodium-related content.

The purpose of the code was to enable remote code execution by planting it in the PHP project’s code base.


Emergency update for iPhones, iPads, and Apple Watch 

Apple has released a special update to patch a critical vulnerability detected in iOS, iPadOS, and watchOS. The three patches released by Apple are iOS 14.4.2, iPadOS 14.4.2, and watchOS 7.3.3.

Google’s Threat Analysis Group detected the vulnerability in question. It affects Apple’s WebKit browser engine and is being actively exploited.

Apple has not disclosed detailed information on the vulnerability. However, such vulnerabilities are likely to be exploited by malicious actors to direct users to phishing sites.

The severity of the vulnerability is underlined by the fact that Apple has also pushed out iOS 12.5.2 for its older devices such as iPad Air, iPad mini 2, iPad mini 3, iPod touch (6th generation), iPhone 5s, iPhone 6, and iPhone 6 Plus.


20M Downloads Racked up by Malicious Cryptomining Images in Docker Hub

More than 30 malicious images with 20 million downloads in total have been used for spreading crypto-mining malware, according to the findings of an analysis.

According to Aviv Sasson, a senior security researcher at Palo Alto Networks who detected and reported the malicious activity, the images in question were spread across 10 different accounts in Docker Hub and raked in close to $200,000 from crypto-mining.

Based on Sasson’s observations, Monero was the most popular cryptocurrency in these instances, accounting for almost 90% of all activity. Due to its hidden transaction paths, Monero provides “maximum anonymity” to users and may be mined in a cost-effective way. Any machine may be used to run Monero crypto operations, which gives Monero a comparative advantage over Bitcoin, since the latter can require, for example, a GPU for economical mining due to its better processing speed.

Trojanized images are used to spread malware through the cloud. These images have been available to the public within the Docker Hub container registry for use in building cloud applications. Anyone can upload images to a Docker Hub account.


Gibberish unintentionally posted to the US nuclear-agency account

According to the information provided by the department, the nonsense tweet was sent out from the official account unintentionally. The child of the agency’s social media manager found an open laptop, entered random symbols, and accidentally sent them. The nonsense tweet “;l;;gmlxzssaw” was published on 28 March 2018.

@USSTRATCOM is responsible for controlling the launch codes for the US nuclear arsenal, and that is why the nonsense tweet was met with serious alarm. Daily Dot reporter Mikael Thalen filed a Freedom of Information Act (FOIA) request to get answers.

There was serious concern among key media outlets that the official account could have been hacked. USSTRATCOM stressed that the tweet appeared unintentionally, since the agency’s social media manager simply left his computer unattended when working remotely.
