/ 12.14.18 / Alan Hernandez

Weekly Cybersecurity Report - Brazilian Server Exposes Citizen IDs

Share This Post:

Weekly Cybersecurity Report - Brazilian Server Exposes Citizen IDs

1. WordPress Bot-net infects 20,000 WordPress sites

nakedsecurity.sophos.com- Author: Danny Bradbury - Date: December 10th, 2018 

WordPress attackers have infected 20,000 WordPress sites by using a botnet to perform brute force attacks to gain access as WordPress site administrators. Once they have gained access they then use those sites to infect more WordPress installations. The bot-net infects sites using a feature known as XML-RPC, which allows the bot-net to make remote requests to the server written in XML. Subsequently, attackers exploited this feature by trying a vast array of usernames and passwords to gain access to the WordPress site as an admin and take control. As a precaution, it is advised to check your audit logs frequently for any suspicious activity and to also enable multi-factor authentication (or two-factor authentication) for your WordPress site... Continue Reading


2. Hacker Campaign Targets Defense and Government Organizations

cnbc.com - Author: Ryan Browne - Date: December 12th, 2018 

In recent sophisticated campaign, hackers targeted individuals at Defense and Government organizations by sending messages disguised as recruitment campaigns in order to bait them into opening a malicious document. Once the document was opened a malicious back-door program called "Rising Sun" installs itself on the victim's machine allowing the attacker to access usernames, IP addresses, network configuration and system settings data... Continue Reading


3. College and University Networks Lacking in Network Security

darkreading.com - Author: Curtis Franklin Jr. - Date: December 13th, 2018 

Recent research has shown that college and university networks are becoming a greater target for aggressive security attacks. At the same time, these networks are struggling to keep up their defenses with the increased attacks. The complexity of fortifying their defenses becomes even greater when considering how most users on their networks are using a diverse range of devices. While students are a common vector of attack for compromising security the main targets remain to be business applications from third-party vendors because they contain and store sensitive data... Continue Reading


4. Brazilian Citizen Identity Numbers Exposed on Mis-configured Apache Server

infosecurity-magazine.com- Author: Phil Muncaster - Date: December 13th, 2018

120 million Brazilian Identity numbers have been publicly exposed on the Internet due to the poorly configured Apache server. The CPF ID numbers of Brazilian Citizens issued by Brazil's central bank to all tax paying residents were accessible through a simple Internet search. Researcher's at InfoArmor issues a report stating, “Upon closer examination of the server that was discovered by InfoArmor’s researchers, it was found that someone had renamed the ‘index.html’ to ‘index.html_bkp,’ revealing the directory’s contents to the world. Anyone who knew the filename or navigated to it would have unfettered access to all the folders and files within,”... Continue Reading


5. SECURITY TREAT OF THE WEEK: Monopoly Man Makes Appearance During Sundar Pichai’s Hearing

cnbc.com - Author: Lauren Feiner - Date: December 11th, 2018

The self-dubbed Monopoly Man, identified as Ian Madrigal on social media, made an appearance during Sundar Pichai's hearing in front of the House Judiciary Committee this Tuesday. In some of the filmed coverage of the Mr. Pichai's testimonies, you can see the Monopoly man in the background listening intently... Continue Reading



Posted by Alan Hernandez