Stemming from a security incident first identified in July, a data breach at U-Haul leaked customer identification data from rental contracts over the last 8 months. In other cybersecurity news, WordPress users running the WPGateway plugin were vulnerable to a zero-day attack that allowed unauthorized administrators to be added to WordPress sites.
Lorenz ransomware exploits VoIP vulnerability
Actors for the Lorenz ransomware group have begun exploiting a serious vulnerability in enterprise VoIP phone devices that allows the group to illicitly access the victim organization's entire network. Lorenz has been targeting Mitel appliances that are connected to an internal network, using them as the initial attack vector before starting the encryption process. While a patch for this particular vulnerability was developed and distributed back in June, many organizations (including governments) have yet to implement the fix and are leaving themselves vulnerable to remote execution attacks.
Deadbolt ransomware targets Taiwanese storage devices
Researchers have been tracking the steady rise in Deadbolt ransomware attacks, which seem to be focused solely on network-attached devices developed by Taiwanese company QNAP and which use a vulnerability in the hardware to spread the infection. Over the summer, researchers noticed a 674% rise in Deadbolt infections, from roughly 2,500 global infections to over 19,000 infections in two months. Deadbolt operates a bit differently from most ransomware in that it only encrypts specific backup directories and gives victims complete instructions on removing the infection.
U-Haul confirms data breach
Last week, officials for U-Haul International confirmed that the company has suffered a data breach that leaked customer identification data from rental contracts over the last 8 months. A security incident was first identified in July, and by August it had been revealed that an unauthorized attacker had gained access to a sizable portion of truck rental contracts and compromised highly sensitive customer data. Fortunately, U-Haul does not store customer payment card data, so past clients have less to worry about.
WordPress management plugin exploited in zero-day attacks
WordPress customers who use the WPGateway plugin for dashboard management have recently been contacted by the Wordfence security team regarding zero-day attacks that use a vulnerability to add unauthorized administrators to WordPress sites. Users are being encouraged to remove WPGateway until an official patch has been released, and to monitor their site dashboards for any suspicious admin accounts.
British PVC manufacturer suffers data breach
Upwards of 2,000 current and former employees of Eurocell, a British PVC manufacturer, have been affected by a data breach that compromised all stored employee information. The company has already sent out letters to affected employees informing them of the potential misuse of their personally identifiable information, though there has been no indication that it is working to provide the victims with identity monitoring services.