Database Security Digest – November 2016

Halcyon days didn’t last long, November has been rich for cyber security events. Here are the most significant ones.

German telecommunications company Deutsche Telekom has been attacked by Mirai botnet and was forced to knock offline 900,000 customers. DDoS attack was performed with the help of SOAP remote execution vulnerability. Mirai botnet has added one more company on its victim list right beside GitHub, Twitter, Reddit, Netflix and many others. Mirai has been detected in the largest DDoS attacks in the history. The malware turns Linux users into remotely controlled bots, primarily targeting online consumer devices like remote cameras and home routers.

Two hackers got access to customers’ database of Three Mobile (UK) but didn’t have time to expose the data as they immediately got arrested. Another group called The Dark Overlord claims to have stolen 500 GB from United States glue and adhesive company Gorilla Glue.

Cobalt group has attacked cash machines in a dozen of European countries, using ‘jackpotting’ technique, malicious software that make ATM machines go bananas and spit out cash. Unnamed Russian bank’s automated banking system has been breached by unknown hackers who stole about $1.5 million from the bank’s correspondent account. Tesco Bank’s 9000 customers had their money stolen for a total cost of $3 million.

Among other cybersecurity issues there are: adultfriendfinder.com suffered a leak of 412 million records; Michael Page has leaked 780,000 job applicants’ records; wiper malware named Shamoon has paralyzed the Saudi Arabia’s central bank and other seven Governmental institutions; someone hijacked Pinterest Account of Mark Zuckerberg and posted a message with a request to help Zuckerberg with his security issues. More hacks you can find at hackmageddon.com.

Database Security

There is a new vulnerability CVE-2016-1251 affecting DBD::mysql or the Database Interface (DBI) MySQL driver for Perl.

CVSS severity: 8.1

Overview: It allows disclosure of information, modification and disruption of service without authorization.

MariaDB 10.1.19

New MariaDB adds packages for Ubuntu 16.10 Yakkety, modifications for XtraDB, TokuDB. As for the security, the update fixes the following vulnerabilities:

CVE-2016-7440 (There is no any available information about it so far)

CVE-2016-5584 Unspec