Silobreaker Daily Cyber Digest – 23 October 2018
iPhone users vulnerable to fake Spotify iTunes email
- iPhone users are being warned of a new scam that uses a phishing email claiming to be from Apple and Spotify, aimed at stealing Apple login details.
Leaks and Breaches
Trade.io loses $7.5 million in cryptocurrency after wallet hack
- The Trade.io cryptocurrency exchange has admitted to a security breach that led to the theft of over 50 million Trade tokens (TIO) worth $7.5 million. The attack, which occurred on Sunday 21st October 2018, targeted the exchange’s cold storage wallets, from which funds were withdrawn. The perpetrator behind the attack remains unknown.
- The stolen funds belong to Trade.io and are ‘held in reserve to funnel into its liquidity pool’ in cases of trading activity peaks. The incident does not affect users registered on the exchange, nor does it have any impact on day-to-day trading activity, ZDNet reports.
File overwrite bug in Windows 10
- Build 1809 of Windows 10 does not appear to ask users whether they wish to overwrite files when a zip file is extracted. Normally, a confirmation prompt is offered, but this has disappeared, allowing a user to inadvertently overwrite documents.
- According to an IT Staff Engineer at Microsoft, this issue has been patched in Windows 10 build 18234.
Tools and scripts leveraging Libssh vulnerability released
- Following the discovery and publication of CVE-2018-10933, a vulnerability in libssh, multiple scripts and tools have been released allowing easy remote exploitation of systems running vulnerable versions. These include a script by Leap Security that will scan for vulnerable devices, and another by ‘Kshitij Khakurdikar’ that will actually exploit it. Vendors with affected devices have released advisories regarding the vulnerability.
Signal application stores data in plaintext during upgrade
- Security researcher Matt Suiche tweeted that Signal, an encrypted messaging application, appears to save text and attachment data in unencrypted text files on a user’s disk, in order to import it into Signal Desktop when transitioning from the Signal Chrome Extension.
- Each folder is named after a contact, including their contact details, and chat conversations are stored in JSON format within each folder.
Future Investment Initiative website targeted by cyber attack
- The website of the Saudi Future Investment Initiative (FII) 2018 was taken down on Monday, following an apparent cyber attack. Messages criticizing Saudi Arabia’s role in the war in Yemen and accusing the kingdom of terrorist financing were displayed. The actor behind the attack remains unknown.
- The summit is taking place between October 23rd and October 25th, 2018.
The Silobreaker Team
Disclaimer: Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.