IT Security Newsletter

IT Security Newsletter - 02/09/2021

Written by Cadre | Tue, Feb 9, 2021

Hacker Tries to Poison Water Supply of Florida Town

A threat actor remotely accessed the IT system of the water treatment facility in Oldsmar, Fla., and tried to poison the town's water supply by raising the levels of sodium hydroxide, or lye, in the water, an action that was quickly noticed and remediated. The attack happened just two days before the NFL's Super Bowl. READ MORE...

Hackers publish patient data stolen from two US hospital chains

The Florida-based Leon Medical Center and Nocona General Hospital in Texas have suffered attacks from hackers that have resulted in extensive information about their patients being published on the internet. As NBC News reports, "at least tens of thousands" of files containing patients' names, addresses, birthdays, social security numbers, Medicaid numbers, prescription details, health insurance information, medical diagnoses. READ MORE...

CD PROJEKT RED gaming studio hit by ransomware attack

CD PROJEKT RED, the video game development studio behind Cyberpunk 2077 and The Witcher trilogy, has disclosed a ransomware attack that impacted its network. The Polish gaming studio said in an official statement that the attackers breached the internal network and were able to collect CD PROJEKT capital group data before encrypting systems and leaving behind a ransom note. "We have already approached the relevant authorities, including law enforcement and the President [...]" READ MORE...

Iranian Cyber Groups Spying on Dissidents & Others of Interest to Government

A new investigation of two known threat groups shows cyber actors are spying on mobile devices and PCs belonging to targeted users around the world. The Iranian government is continuing to actively spy on the mobile phones and PCs of dissidents and other individuals thought to be of interest to the regime, a new Check Point Research investigation of two Iran-based cyber-threat groups has revealed. One of the groups, called Infy, has been operating since at least 2007. READ MORE...

UN Experts: North Korea Using Cyber Attacks to Update Nukes

North Korea has modernized its nuclear weapons and ballistic missiles by flouting United Nations sanctions, using cyberattacks to help finance its programs and continuing to seek material and technology overseas for its arsenal, U.N. experts said. The panel of experts monitoring sanctions on the Northeast Asian nation said in a report sent to Security Council members Monday that North Korea's "total theft of virtual assets from 2019 to November 2020 is valued at approximately $316.4 million." READ MORE...

Android app joins the dark side, sends malware update to millions

Google has removed a popular Android barcode scanner app with over 10 million installs from the Play Store after researchers found that it turned malicious following a December 2020 update. After lying dormant for years, the previously legitimate Barcode Scanner app developed by LAVABIRD LTD self-updated and took over the users' devices using malicious code now tagged by security vendors as trojan malware. The malicious behavior experienced by its millions of users. READ MORE...

Barcode scanner in Google Play Store became malware after years of popularity, researchers say

An app with more than 10 million downloads from the Google Play Store recently took a hard turn to the dark side, according to antivirus company Malwarebytes. The Barcode Scanner app had appeared in the store for years, but in December it became clear that it "had gone from an innocent scanner to full on malware," writes Nathan Collier, a researcher for the Silicon Valley company. Malwarebytes said Google Play removed the app in early December. READ MORE...

Microsoft to alert enterprise security teams when nation-state attackers target their employees

Microsoft will introduce a new security alert this month that will notify enterprise security teams when an employee is being targeted by suspected nation-state attackers. The notification will appear in the dashboard of Microsoft Defender for Office 365, a cloud-based email filtering service that protects enterprise Office 365 users against advanced and targeted threats (e.g., BEC and credential phishing), so that security teams can immediately start remediation actions. READ MORE...

U.S. Agencies Publish Ransomware Factsheet

The National Cyber Investigative Joint Task Force (NCIJTF) on Friday released a joint-sealed ransomware factsheet detailing common attack techniques and means to ensure prevention and mitigation. The factsheet was developed by an interagency group of ransomware experts from more than 15 government agencies and is meant to help increase awareness of the threat that ransomware poses to critical infrastructure. READ MORE...

  • ...in 1964, the Beatles make their first appearance on the Ed Sullivan Show, performing for 73 million viewers across the USA.
  • ...in 1971, Satchel Paige becomes the first player from the Negro Leagues to be voted into the Baseball Hall of Fame.
  • ...in 1986, Halley's Comet last appeared in the inner Solar System.
  • ...in 1987, actor Michael B. Jordan ("Black Panther", "Fruitvale Station") is born in Santa Ana, CA.