The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I\u2019m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions? Just ask.<\/p>\n
Researchers recently discovered as many as 18 different vulnerabilities<\/a> with Foscam cameras. Among the exploits are several methods of gaining remote access to the cameras, as well as viewing active feeds, and searching through locally stored files. Although the researchers reported these issues months ago, the manufacturer has not yet addressed the issues. Unfortunately for consumers, Foscam makes devices for at least 14 different brands, all of which come with the same security risks.<\/p>\n The notorious EternalBlue exploit, which was used in the WannaCry attacks, has been ported to Windows 10<\/a>, which means all current versions of Windows are susceptible to the exploit, if not properly patched. In addition to the port, another exploit module was created, which slims down network traffic and allows the infection to remain undetected by current detection criteria. While researchers are still learning and understanding the full capabilities of EternalBlue, it has also opened the door for less skilled hackers to modify the otherwise well-written exploit for their own purposes.<\/p>\n In the last week, researchers found a publicly-facing database<\/a> containing the customer and vehicle information for nearly 10 million cars in the US. The database, which had been actively available for around four months, has no known owner, though several dealerships named in the database have been contacted with inquiries. Unauthorized access to the information could give criminals more than enough information to have extra keys made for the vehicles, and could even lead to identity theft issues.<\/p>\n The cybercriminal group Turla has executed numerous cyberattacks on major corporations and government agencies over the last few years. Now, however, they’ve switched their focus<\/a> to individual attacks, typically using Firefox browser extensions to create backdoors into personal systems. The attacks are coordinated by placing comments on highly-trafficked Instagram pages and pictures. The browser extension hashes the comment values until the malicious hash is discovered, at which point it contacts a C&C server for instructions. Fortunately for many social media users, the APIs used to create the malicious extension will be phased out in future versions of Firefox.<\/p>\nEternalBlue Exploit Port to Windows 10<\/h6>\n
Car Owner Database Publicly Available<\/h6>\n
Turla Hacking Group Changing Methods of Attack<\/h6>\n
Edmodo Data Breach Confirmed<\/h6>\n