And here comes another issue of the Sunday Weekly… On Mondays!
Nippon Telegraph and Telephone (NTT) announced they had been breached. It seems not a lot of costumers have been impacted, around 600 cloud users, but what is interesting is how the bad actors were able to access: Active Directory services. Here you have the official statement.
Joomla, a popular CMS, has also communicated a recent data breach. This time it was a clear human error that left an unencrypted backup in an Amazon S3 bucket. Information leaked is related to businesses that offer Joomla services. It could include full names, emails, hashed passwords, and IP addresses.
There is an Android flaw that would allow an attacker to hijack apps. This is a new version of a defect found last year, named Strandhogg. You have all the technical information here for the first version and here for the newer one.
The NSA published a warning about how the Russian GRU is using a vulnerability in operating systems running in ICS equipment. The attack allows one to execute shell commands on the host and network that the system is running on, allowing them to move to another network. It’s a patched vulnerability, but many people still haven’t updated, and maybe that is why the NSA has stressed it out.
That’s all for now! Remember to follow me on Twitter and, as usual, stay safe!