This Week in Security News: Trickbots and Infected Containers

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn how a Trickbot attacked a school district’s networks and how infected cryptocurrency-mining containers target docker hosts with exposed APIs.

Read on:

Trickbot Attack Forces Ohio School District to Cancel Classes

A school district in Ohio suspended classes on Monday, May 20, because of a Trickbot attack on its network and computers.

The IoT Attack Surface: Threats and Security Solutions

Part of adopting the IoT is anticipating what else the technology brings to the environments it is being applied to — not least of which are security concerns that can give rise to successful attacks on IoT systems and devices.

Hacker Has Designs on Canva Data, Steals Info Belonging to 139M Users

The graphic design website Canva was hacked in a data theft incident, which exposed usernames, email addresses, encrypted passwords, customer names and more.

CVE-2019-0725: An Analysis of Its Exploitability

A remote code execution vulnerability from May’s Patch Tuesday is particularly hard to ignore: CVE-2019-0725, an RCE vulnerability in Windows Dynamic Host Configuration Protocol (DHCP) Server, which doesn’t require user interaction and affects all versions of Windows Server.

New Mirai Variant Uses Multiple Exploits to Target Routers and Other Devices

Trend Micro discovered a new variant of Mirai that uses a total of 13 different exploits in a single campaign – the first Mirai variant to do so – and has backdoor and distributed denial-of-service (DDoS) capabilities.

First American Hit with Class Action Lawsuit Over Massive Data Exposure

Insurance giant First American Financial is facing a class action lawsuit for negligence after it left more than 885 million sensitive documents dating as far back as 2003 exposed online.

CVE-2019-11815: A Cautionary Tale About CVSS Scores

At first glance, the details for Linux kernel vulnerability CVE-2019-11815’s score from CVSS seem like a worst-case scenario but assessing a vulnerability’s potential impact goes beyond the attack vector, privileges, and CIA impact of the base score.

Flipboard Says Hackers Stole User Details

Flipboard, a news aggregator service and mobile news app, has started notifying users of a security incident during which hackers had access to internal systems for more than nine months.

Infected Cryptocurrency-Mining Containers Target Docker Hosts With Exposed APIs, Use Shodan to Find Additional Victims

By analyzing the logs and traffic data coming to and from a honeypot, Trend Micro found a container that came from a public and accessible Docker Hub repository named zoolu2 that contained images with the binary of a Monero cryptocurrency miner.

Nearly 1 Million Systems Affected By ‘Wormable’ BlueKeep Vulnerability (CVE-2019-0708)

Almost a million systems are reportedly vulnerable to BlueKeep, a critical vulnerability in remote desktop services, but Microsoft’s Patch Tuesday for May already rolled out patches for BlueKeep and security advisories were released to help users address the vulnerability.

Under GDPR, UK Data Breach Reports Quadruple

The United Kingdom has seen the number of data breach notifications more than quadruple since Europe’s GDPR privacy law went into full force a result of mandatory reporting driving better visibility

Where you surprised that a Trickbot attack could cause school districts to cancel classes? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.

The post This Week in Security News: Trickbots and Infected Containers appeared first on .


This is a companion discussion topic for the original entry at https://blog.trendmicro.com/this-week-in-security-news-trickbots-and-infected-containers/