IT Security Newsletter

IT Security Newsletter - 10/11/2023

Written by Cadre | Wed, Oct 11, 2023

Google will now make passkeys the default for personal accounts

Google is taking a big step toward making passkeys the default login option for its users. Starting today, users logging in to personal Google accounts will be prompted to create and use passkeys instead of passwords when possible. (Passwords will still be used in some contexts where passkeys are not yet supported.) Built on the WebAuthn standard, passkeys seek to replace passwords by leaning on your local device's authentication method, like biometrics or a PIN.

Patch Tuesday, October 2023 Edition

Microsoft today issued security updates for more than 100 newly-discovered vulnerabilities in its Windows operating system and related software, including four flaws that are already being exploited. In addition, Apple recently released emergency updates to quash a pair of zero-day bugs in iOS. Apple last week shipped emergency updates in iOS 17.0.3 and iPadOS 17.0.3 in response to active attacks.

Air Europa data breach: Customers warned to cancel credit cards

Spanish airline Air Europa, the country's third-largest airline and a member of the SkyTeam alliance, warned customers on Monday to cancel their credit cards after attackers accessed their card information in a recent data breach. "We inform you that a cybersecurity incident was recently detected in one of our systems consisting of possible unauthorized access to your bank card data," Air Europa said in emails sent to affected individuals and seen by BleepingComputer.

A Frontline Report of Chinese Threat Actor Tactics and Techniques

Every day more than 8,000 Microsoft threat intelligence experts, researchers, analysts, and threat hunters analyze trillions of daily signals to uncover emerging threats and deliver timely, relevant security insights. While a good portion of this work is dedicated to threat actors and the infrastructure that enables them, we also focus on nation-state groups to contextualize their activities within the broader scope of geopolitical trends.

Mirai DDoS malware variant expands targets with 13 router exploits

A Mirai-based DDoS (distributed denial of service) malware botnet tracked as IZ1H9 has added thirteen new payloads to target Linux-based routers and routers from D-Link, Zyxel, TP-Link, TOTOLINK, and others. Fortinet researchers report observing a peak in the exploitation rates around the first week of September, reaching tens of thousands of exploitation attempts against vulnerable devices.

How Keyloggers Have Evolved From the Cold War to Today

Keyloggers, the often-unseen sentinels of the digital space, silently and meticulously document a user's every tap and keystroke with the objective of harvesting valuable information. While many consider them tools of the cyber elite, it's startling how readily available and easy to use they are today. Let's explore their lineage, the different kinds that exist, their multiple (good and bad) purposes, and the pressing need for protective measures.

CISA Warns of Attacks Exploiting Adobe Acrobat Vulnerability

The US cybersecurity agency CISA on Tuesday announced that it has added five more security defects to its Known Exploited Vulnerabilities catalog, warning organizations of attacks exploiting an Adobe Acrobat and Reader flaw that came to light earlier this year. The Adobe Acrobat and Reader issue is CVE-2023-21608, a use-after-free vulnerability which can be exploited to achieve remote code execution (RCE) with the privileges of the current user.

Organizations Respond to HTTP/2 Zero-Day Exploited for DDoS Attacks

Major tech companies and other organizations have rushed to respond to the newly disclosed HTTP/2 zero-day vulnerability that has been exploited to launch the largest distributed denial-of-service (DDoS) attacks seen to date. The existence of the attack method, named HTTP/2 Rapid Reset, and the underlying vulnerability, tracked as CVE-2023-44487, were disclosed on Tuesday by Cloudflare, AWS and Google.

Critical Atlassian Confluence vulnerability exploited by state-backed threat actor

A critical flaw in Atlassian Confluence Data Center and Server (CVE-2023-22515) has been exploited by a state-backed threat actor, Microsoft's threat analysts have pinpointed. CVE-2023-22515 was initially classified as a critical privilege escalation vulnerability affecting Confluence Data Center and Server versions 8.0.0 and later, but then re-classified as an issue stemming from broken access control.

  • ...in 1964, comedian and former "Mystery Science Theater 3000" host Michael J. Nelson is born in St. Charles, IL.
  • ...in 1968, the first manned Apollo mission, Apollo 7, is launched from Cape Kennedy.
  • ...in 1975, the premiere episode of Saturday Night Live airs on NBC, hosted by George Carlin with musical guests Billy Preston and Janis Ian.
  • ...in 1987, the first public display of the AIDS Memorial Quilt is held on the National Mall in Washington, D.C.