Cyber Weekly Digest - Week #14

It was a brought range of news this week, with breaches, vulnerabilities, exploits and lots of news about Zoom. Let's take a look at what happened.


1. Another data breach affecting over 5.2 million guests was disclosed today by the international hotel chain Marriot. The incident took place after two employee accounts got compromised, exposing the guest's personal information, including email address, phones, names, gender, date of birth and loyalty account information. This breach is not the first time that Marriott is involved in a cyber incident. In 2018 it was disclosed that Starwood, a subsidiary of Marriott, had their central reservation system hacked, exposing the personal information of more than 327 million guests.


2. As this health crisis continues, more and more people are increasingly working from home, utilizing online communication platforms like Zoom. This surge of popularity has security researchers concerned since Zoom has had some problems in the past regarding privacy and security. An example of this was the discovery of a technique back in January that could have allowed attackers to identify and join active meetings. Moreover, it was revealed that Zoom was reinstalling itself on mac devices without permission, even after users had uninstalled the software. In the end, Apple issued an update to remove this sneaky code from all Macs. Even now, Zoom claimed to use end-to-end encryption, something that is not true and something that caused some trouble for the British PM, who uses the platform for government meetings. Businesses must follow some security practises to eliminate as many risks involved with this as they can; here are some recommendations.


3. According to research published by Kaspersky and Trend Micro, a hacking campaign exploited a remote iOS vulnerability to install spyware on iPhones. This watering hole attack uses fake links posted in multiple forums, popular in Hong Kong, which lead the unaware victims to a site containing the malicious scripts. Once installed, the exploit allows the interloper to exfiltrate sensitive data from the device and even take full control.


4. As reported from KrebsonSecurity, a spearfishing attack on a GoDaddy.com customer service employee gave the phishers the ability to access half a dozen GoDaddy customers. The attackers were able to change the domain names of the compromis