IT Security Newsletter

IT Security Newsletter - 1/23/2023

Written by Cadre | Mon, Jan 23, 2023

T-Mobile Breached Again, This Time Exposing 37M Customers' Data

T-Mobile has disclosed a new, enormous breach that occurred in November, which was the result of the compromise of a single application programming interface (API). The result? The exposure of the personal data of more than 37 million prepaid and postpaid customer accounts. For those keeping track, this latest disclosure marks the second sprawling T-Mobile data breach in two years and more than a half-dozen in the past five years. READ MORE...

FanDuel gamblers warned of phishing threat after data breach at Mailchimp

The important thing to realise about the (most recently) reported data breach at email newsletter service Mailchimp is that it's not just Mailchimp's customer data that was put at risk. Even if you're not personally a customer of Mailchimp, even if you've never even heard of Mailchimp, you may be affected. That's a realisation that should be dawning on customers of sportsbook and betting website FanDuel, as they receive warnings that their names and email addresses were exposed earlier this month. READ MORE...

Hackers now use Microsoft OneNote attachments to spread malware

Threat actors now use OneNote attachments in phishing emails that infect victims with remote access malware which can be used to install further malware, steal passwords, or even cryptocurrency wallets. This comes after attackers have been distributing malware in emails using malicious Word and Excel attachments that launch macros to download and install malware for years. However, in July, Microsoft finally disabled macros by default in Office documents, making this method unreliable for distributing malware. READ MORE...

Ransomware attack against Yum! Brands follows several incidents targeting restaurant industry

Fast food provider Yum! Brands disclosed a ransomware attack forced the company to shut down almost 300 restaurants in the U.K., the company said in a Wednesday filing with the Securities and Exchange Commission. After detecting the incident, it immediately took containment measures, which included taking certain systems offline and enhancing its monitoring technology, according to the filing. The firm is actively working to restore affected systems and expects that process to be completed in the coming days. READ MORE...

Companies Impacted by Recent Mailchimp Breach Start Notifying Customers

Companies affected by the recent Mailchimp data breach have started notifying customers. The list includes WooCommerce, FanDuel, Yuga Labs and the Solana Foundation. Marketing automation platform Mailchimp revealed recently that its security team discovered unauthorized access to one of its tools on January 11. The tool is used by the company's customer-facing teams for support and account administration. READ MORE...

  • ...in 1944, actor Rutger Hauer ("Blade Runner", "Ladyhawke") is born in Utrecht, Netherlands.
  • ...in 1957, former US Air Force pilot Walter Morrison sells his invention, called the "Pluto Platter", to Wham-O. It would go on to become a household name, as the Frisbee.
  • ...in 1986, the Rock and Roll Hall of Fame inducts its first honorees, including Little Richard, Chuck Berry, Buddy Holly, Jerry Lee Lewis, and Elvis Presley, among others.
  • ...in 1998, Netscape announces the formation of Mozilla. It would outlive its parent company, releasing the Firefox web browser and several other open-source products.