Database Security Digest - January 2018

DataSunrise Blog
Here is a quick look at the database security news in January 2018.

Coincheck

The Tokyo-based cryptocurrency exchange Coincheck lost more than $400 million in a hacking attack. The hackers pulled off the biggest crypto heist of all time so far, sending clients into a panic about the future of their virtual assets. Coincheck trades in the NEM virtual currency and reported a significant drop in its NEM balance. The investigation showed that about $400 million worth of NEM had been illegally transferred to unidentified accounts. The NEM deposits of all customers were frozen, and Coincheck had to freeze all withdrawals. At the moment the company's management is investigating the incident. The theft was possible because the executive team failed to implement basic security features.

Blackwallet

The Stellar Lumen cryptocurrency was targeted by a hacking attack. The attackers were able to redirect the DNS server to a server under their control. As a result of the theft, 670,000 Lumens (approximately $400,000) went missing. According to experts, the exploit used was a code injection. If Blackwallet users had more than 20 Lumens in their wallets, their funds were automatically pushed to a different wallet apparently belonging to the attacker.

VTech

Charges of $650,000 have been raised against a Hong Kong-based electronic toymaker. The US Federal Trade Commission (FTC) raised the charges against VTech following the data breach back in 2015. A settlement has been reached with the FTC after two years of investigation. Now the toymaker has to pay $650,000 to settle charges that it failed to protect the privacy of its users. VTech amassed a lot of information about children and parents using its Kid Connect application. However, in doing so the company didn't seek consent from parents or tell children what data was being collected. The investigation showed that the company's security practices were poor and that one could easily get access to parents' and children's names, home addresses, and even pictures and chat logs. The hacker used a simple but still very effective method, SQL injection, which let him view photos and audio files uploaded by children and parents. The company promised to uphold stricter security in the future and pay more attention to personal data protection.

Jason’s Deli

There has been a massive data breach at this family-owned chain of restaurants in the USA. Investigators say that the hackers used RAM-scraping malware installed on point-of-sale terminals all over the USA starting June 8, 2017. The management of the company notified the public that the hackers were able to obtain information on up to 2 million card numbers, including cardholder names, expiration dates, cardholder verification values, and service codes.

OnePlus

OnePlus is responsible for the leak of up to 40,000 credit card details as a result of a hacker attack. Anyone who made a purchase online put their credit card information at risk and might want to contact their bank. Credit card information was stolen from customers while they were making purchases on the manufacturer's website. It seems that the weakest link on the website might be the company's payment integration with the Magento eCommerce platform.

UK Top law firms

Cybersecurity researchers have found file dumps on the Dark Internet. These databases contain about 1.2 million entries leaked from several top UK law firms. The entries contain e-mail addresses, and 80 percent of them were linked to passwords. To make the situation worse, some passwords were in plaintext. Using this information, hackers or virtually anyone can get past a company's corporate defense system with legitimate credentials without being detected.

Database updates

    • MariaDB
      https://nvd.nist.gov/vuln/detail/CVE-2017-15365
    • IBM DB2
      https://nvd.nist.gov/vuln/detail/CVE-2016-0215
    • Apache
      https://nvd.nist.gov/vuln/detail/CVE-2016-6814
    • MySQL
      https://nvd.nist.gov/vuln/detail/CVE-2014-8335
      https://nvd.nist.gov/vuln/detail/CVE-2014-4991
      https://nvd.nist.gov/vuln/detail/CVE-2014-4995
      https://nvd.nist.gov/vuln/detail/CVE-2014-4996
      https://nvd.nist.gov/vuln/detail/CVE-2014-4998
      https://nvd.nist.gov/vuln/detail/CVE-2014-4999
      https://nvd.nist.gov/vuln/detail/CVE-2014-5001
      https://nvd.nist.gov/vuln/detail/CVE-2014-5004
      https://nvd.nist.gov/vuln/detail/CVE-2018-2562
      https://nvd.nist.gov/vuln/detail/CVE-2018-2565
      https://nvd.nist.gov/vuln/detail/CVE-2018-2573
      https://nvd.nist.gov/vuln/detail/CVE-2018-2576
      https://nvd.nist.gov/vuln/detail/CVE-2018-2583
      https://nvd.nist.gov/vuln/detail/CVE-2018-2585
      https://nvd.nist.gov/vuln/detail/CVE-2018-2586
      https://nvd.nist.gov/vuln/detail/CVE-2018-2590
      https://nvd.nist.gov/vuln/detail/CVE-2018-2591
      https://nvd.nist.gov/vuln/detail/CVE-2018-2600
      https://nvd.nist.gov/vuln/detail/CVE-2018-2612
      https://nvd.nist.gov/vuln/detail/CVE-2018-2622
      https://nvd.nist.gov/vuln/detail/CVE-2018-2640
      https://nvd.nist.gov/vuln/detail/CVE-2018-2645
      https://nvd.nist.gov/vuln/detail/CVE-2018-2646
      https://nvd.nist.gov/vuln/detail/CVE-2018-2647
      https://nvd.nist.gov/vuln/detail/CVE-2018-2665
      https://nvd.nist.gov/vuln/detail/CVE-2018-2667
      https://nvd.nist.gov/vuln/detail/CVE-2018-2668
      https://nvd.nist.gov/vuln/detail/CVE-2018-2696
      https://nvd.nist.gov/vuln/detail/CVE-2018-2703
      https://nvd.nist.gov/vuln/detail/CVE-2018-6521
    • Oracle
      https://nvd.nist.gov/vuln/detail/CVE-2018-2699
      https://nvd.nist.gov/vuln/detail/CVE-2018-2680
      https://nvd.nist.gov/vuln/detail/CVE-2018-2575
      https://nvd.nist.gov/vuln/detail/CVE-2017-10282
    • SAP HANA
      https://nvd.nist.gov/vuln/detail/CVE-2018-2362