IT Security Newsletter

IT Security Newsletter - 10/2/2023

Written by Cadre | Mon, Oct 2, 2023

Critical vulnerabilities in Exim threaten over 250k email servers worldwide

Thousands of servers running the Exim mail transfer agent are vulnerable to potential attacks that exploit critical vulnerabilities, allowing remote execution of malicious code with little or no user interaction. The vulnerabilities were reported on Wednesday by Zero Day Initiative, but they largely escaped notice until Friday when they surfaced in a security mail list. Four of the six bugs allow for remote code execution and carry severity ratings of 7.5 to 9.8 out of a possible 10. READ MORE...

Johnson Controls Ransomware Attack Could Impact DHS

Sensitive Department of Homeland Security (DHS) information might have been compromised in a recent ransomware attack aimed at government contractor Johnson Controls International. A multinational giant headquartered in Cork, Ireland, Johnson Controls produces industrial control systems and smart building equipment, software, and services, including HVAC, security, fire protection, and support solutions. READ MORE...

Lazarus luring employees with trojanized coding challenges: The case of a Spanish aerospace company

ESET researchers have uncovered a Lazarus attack against an aerospace company in Spain, where the group deployed several tools, most notably a publicly undocumented backdoor we named LightlessCan. Lazarus operators obtained initial access to the company's network last year after a successful spearphishing campaign, masquerading as a recruiter for Meta - the company behind Facebook, Instagram, and WhatsApp. READ MORE...

A Closer Look at the Snatch Data Ransom Group

Earlier this week, KrebsOnSecurity revealed that the darknet website for the Snatch ransomware group was leaking data about its users and the crime gang's internal operations. Today, we'll take a closer look at the history of Snatch, its alleged founder, and their claims that everyone has confused them with a different, older ransomware group by the same name. READ MORE...

Three men found guilty of laundering $2.5 million in Target gift card tech support scam

Three Californian residents have been convicted of laundering millions of dollars tricked out of older adults who had fallen victim to government-imposter and tech support scams. As the US Department of Justice announced, the men were part of a conspiracy that saw phone calls made from overseas to elderly US citizens, with bogus claims pretending the victim's computer or mobile device had a serious problem that could only be resolved by making a substantial payment via a Target gift card. READ MORE...

Progress Software discloses 8 vulnerabilities in one of its other file-transfer services

Progress Software quietly alerted customers to eight vulnerabilities in WS_FTP Server, another file-transfer service from the company behind MOVEit. The company shared the news the day after its fiscal third quarter earnings call. Two of the eight vulnerabilities are critical with CVSS scores of 10 and 9.9 out of 10, CVE-2023-40044 and CVE-2023-42657, respectively. All versions of the file-transfer service are impacted. READ MORE...

Recently Patched TeamCity Vulnerability Exploited to Hack Servers

In-the-wild exploitation of a critical vulnerability in JetBrains' TeamCity continuous integration and continuous deployment (CI/CD) server started just days after the availability of a patch was announced. The vulnerability, tracked as CVE-2023-42793, impacts the on-premises version of TeamCity and it allows an unauthenticated attacker with access to a targeted server to achieve remote code execution and gain administrative control of the system. READ MORE...

Exploit released for Microsoft SharePoint Server auth bypass flaw

Proof-of-concept exploit code has surfaced on GitHub for a critical authentication bypass vulnerability in Microsoft SharePoint Server, allowing privilege escalation. Tracked as CVE-2023-29357, the security flaw can let unauthenticated attackers gain administrator privileges following successful exploitation in low-complexity attacks that don't require user interaction. READ MORE...

  • ...in 1950, Charles Schulz's comic strip "Peanuts" first appears. By the late 1960s, it would run in over 2,600 newspapers worldwide.
  • ...in 1951, English musician and actor Sting is born in Wallsend, Northumberland.
  • ...in 1959, screenwriter Rod Serling's dark sci-fi/horror anthology series "The Twilight Zone" debuts on CBS.
  • ...in 1967, Thurgood Marshall is sworn in as the first African-American justice of United States Supreme Court.