Roundup It's that time again – the week's security news in digestible chunks beyond what we've already covered. Let's get into it.
NSO no-show in Facebook suit
The Social Network chalked up an easy win this week when a US court issued a default notice in its favor against Israeli spyware builder NSO group. This is after NSO and its lawyers failed to show at a California court for an early hearing in the case.
Facebook filed suit back in 2019, alleging NSO developed code for exploits in acquired crypto chat app WhatsApp. The default means that Facebook is one step closer to winning the case and collecting a hefty damages bill.
BoatsGroup springs a data leak
Leak hunter Bob Diachenko has dropped word of a breach affecting BoatsGroup, a recreational boat and yacht news publisher and advertising company. According to Diachenko, one million or so emails. The leak has since been plugged.
BoatsGroup (Boat Trader, YachtWorld, boats-com, Cosas De Barcos, YachtCloser) was quick in addressing database configuration issue that exposed almost 1M records from "Contact Us" pages of their sites: emails, phones, names and customers requests (some of which are very personal) pic.twitter.com/4eW8cc21VJ— Bob Diachenko (@MayhemDayOne) March 3, 2020
Broadcom/Symantec tie-up hits turbulence
Reports from admins in Europe are that a number of companies are having problems with licensing renewals.
Part of the problem, it is reported, stems from a shortage of staff after some Symantec employees in Europe were laid off during the merger. If you're a user or an employee affected by these issues, please get in touch with us here.
Zoho patches RCE flaw
Admins running Zoho MangeEngine will want to make sure they have the latest version of its Desktop Central software.
Zoho announced it had patched a remote code execution vulnerability that was exploitable without authentication.
Though the bug has been mitigated by a temporary patch since January and version 10.0.474, admins will want to make sure they are running Desktop Central versions 10.0.479 to get the permanent fix.
WatchGuard Technologies to gobble Panda
Spanish antivirus and endpoint protection firm Panda Security has entered into a deal to be acquired by network security and authentication outfit WatchGuard Technologies, which sells into resellers and ISPs, among other clients. The value of the deal wasn't made public but it is expected to close in Q2 2020. Panda is the Seattle, Washington firm's seventh acquisition, and its second outside of the US after it snapped up Canadian web security folk BorderWare in 2009.
J Crew dressed down over data leak
High-end menswear company J Crew has found [PDF] a number of customer accounts being accessed by unauthorized parties. The attacker would have access to shipping information (i.e. home address) and partial credit card numbers.
From the sound of things, this was a credential-stuffing attack where a fraudster obtained leaked usernames and passwords from another site and then found accounts at J Crew that had reused those credentials.
"Through routine and proactive web scanning, we recently discovered information related to your jcrew.com account," customers are being told.
"Based on our review, we believe your email address (used as your jcrew.com username) and password were obtained by an unauthorized party and in or around April 2019 used to log into your jcrew.com account."
Anyone who gets a letter from the company will have already had their accounts frozen and will need to contact J Crew to reset their password. ®