Security Bulletin #108 – 18 May 2017
The Electronic signature technology provider DocuSign suffered a data breach
The Electronic signature technology provider DocuSign suffered a data breach, hackers have stolen email addresses from one of its servers. Threat actor behind the DocuSign hack launched a phishing campaign against the customers of the firms, anyway, announced hackers have broken into a “non-core system.” designed for sending service-related email announcements to users. Spear Phishing campaigns following a data breach represent a serious threat for customers of the hacked firm. A complete forensic analysis has confirmed that only email addresses were accessed; no names, physical addresses, passwords, social security numbers, credit card data or other information was accessed. No content or any customer documents sent through DocuSign’s eSignature system was accessed; and DocuSign’s core eSignature service, envelopes and customer documents and data remain secure. The company said it has blocked the hack and locked out attackers from its systems, it also announced additional security controls. Sources: Helpnet Security & Security Affairs
Latest Joomla 3.7.1 Release Patches Critical SQL Injection Attack
If your website is based on the popular Joomla content management system, make sure you have updated your platform to the latest version released today. Joomla, the world's second popular open source Content Management System, has reportedly patched a critical vulnerability in its software’s core component. Website administrators are strongly advised to immediately install latest Joomla version 3.7.1, released today, to patch a critical SQL Injection vulnerability (CVE-2017-8917) that affects Joomla version 3.7.0. No technical details have been provided, considering the gravity of the reported SQL Injection vulnerability, which could put millions of websites at risk of getting hacked, and eventually users visiting those sites. However, it’s easy to exploit SQL Injection vulnerability, which could allow remote hackers to steal sensitive information from the database and gain unauthorized access to websites. Therefore, you are advised to download the latest version of Joomla for your website and inform others about the release of critical patch update as well.
Bell Canada: 1.9 million customer account details stolen by hackers
Bell Canada it the largest telco operator in the country with more than 21 million customers. The company admitted on Tuesday that 1.9 million customer account details were stolen by hackers, anyway Bell Canada confirmed that no financial data (i.e. payment card numbers) or passwords have been stolen. Crooks are trying to blackmail the company and requested the payment of a ransom to avoid the full data leakage. This company clarified that the data breach isn’t linked to the recent global WannaCry malware attacks.
CERTFR-2017-ALE-008 : Multiples vulnérabilités dans Microsoft Windows XP et Windows Server 2003 (15 mai 2017)
CERTFR-2017-ALE-011 : Campagne de messages électroniques non sollicités de type Jaff (14 mai 2017)
CERTFR-2017-ALE-010 : Propagation d’un rançongiciel exploitant les vulnérabilités MS17-010 (12 mai 2017)
CERTFR-2017-AVI-158 : Multiples vulnérabilités dans le noyau Linux d’Ubuntu (17 mai 2017)
CERTFR-2017-AVI-157 : Multiples vulnérabilités dans WordPress (17 mai 2017)