WP This Week in Application Security News, March 24-30, 2018 | Imperva

This Week in Application Security News, March 24-30, 2018

This Week in Application Security News, March 24-30, 2018

News highlights this week: Under Armour reveals that data was stolen from 150 million users of its MyFitnessPal app, WannaCry targets Boeing computers and university networks are being used for cryptomining.

MyFitnessPal data leak

On March 29, Under Armour revealed its subsidiary MyFitnessPal was affected in a significant data beach, compromising as many as 150 million accounts. Account information involved in the breach includes user names, email addresses, and hashed passwords. Under Armour says it was made aware last week of the breach, which occurred in February.

Read more …

Under Armour’s MyFitnessPal App Hacked (The Sun, March 29)

Under Armour Says 150 million MyFitnessPal Accounts Hit by Data Breach (ZDNet, March 29)

Under Armour Data Breach Affects 150 million MyFitnessPal Users (Engadget, March 29)

WannaCry, cryptomining

On Wednesday March 28th, Boeing reported that it was hit by a cyberattack – identified as the same WannaCry computer virus that struck thousands of computer systems around the world the last year.

Read more …

Boeing Possibly Hit by ‘WannaCry’ Malware Attack (The New York Times, March 29)

Boeing Computers Hit by WannaCry (InfoSec, March 29)

Boeing Reportedly Hit by Wannacry Ransomware (TechCrunch, March 29)

Sixty percent of cryptomining detections in a Vectra study occurred on higher-education networks.

Read more …

University Networks Become Fertile Ground for Cryptomining (Dark Reading, March 29)

In other news…

New York City is Launching Public Cybersecurity Tools to Keep Residents from Getting Hacked (TechCrunch, March 29)

GoScanSSH Malware Targets SSH Servers, But Avoids Military and Gov Systems (Threat Post, Mar 27)

Leader of Cybercrime APT Behind $1.2 Billion in Bank Heists Arrested (Dark Reading, March 27)

Hajime Botnet Makes a Comeback With Massive Scan for MikroTik Routers (Bleeping computer, Mar 27)

Android Monero-Mining Malware Can Cause Device Failure (Bleeping computer, Mar 28)

Who and What Is Coinhive? (Krebs on Security, Mar 26)

Bad Bots Increasingly Hide Out in Cloud Data Centers (Dark Reading, March 27)