IT Security Newsletter

IT Security Newsletter - 10/27/2021

Written by Cadre | Wed, Oct 27, 2021

North Korea's Lazarus Group Turns to Supply Chain Attacks

Recent activity by North Korea's infamous Lazarus Group provides fresh evidence of the growing threat actor interest in using trusted IT supply chain vendors as entry points to enterprise networks. Security researchers from Kaspersky recently discovered two separate campaigns where the Lazarus Group infiltrated the network of an IT company - likely as part of a broader strategy to compromise its downstream customers.

FBI Raids Chinese Point-of-Sale Giant PAX Technology

U.S. federal investigators today raided the Florida offices of PAX Technology, a Chinese provider of point-of-sale devices used by millions of businesses and retailers globally. KrebsOnSecurity has learned the raid is tied to reports that PAX's systems may have been involved in cyberattacks on U.S. and E.U. organizations. Headquartered in Shenzhen, China, PAX Technology Inc. has more than 60 million point-of-sale terminals in use throughout 120 countries.

Cyber Attack Cripples Iranian Fuel Distribution Network

An attack on the fuel distribution chain in Iran reportedly forced the shutdown of a network of filling stations Tuesday, leaving motorists stranded at pumps across the country and unable to fill up their tanks. The incident disabled government-issued electronic cards providing subsidies that many Iranians use to purchase fuel at discounted prices, according to a report in The Times of Israel, which said that the Iran Supreme National Security Council confirmed the attack.

Banking scam uses Docusign phish to thieve 2FA codes

Two weeks ago was Cybersecurity Awareness Month's "Fight the Phish" week, a theme that the #Cybermonth organisers chose because this age-old cybercrime is still a huge problem. Even though lots of us receive many phishing scams that are obvious when we look at them ourselves, it's easy to forget that the "obviousness" of many scam emails comes from the fact that the crooks never intended those scams for us in the first place.

Adobe Patches Gaping Security Flaws in 14 Software Products

Adobe on Tuesday released a slew of urgent patches with fixes for more than 90 documented vulnerabilities that expose Windows, macOS and Linux users to malicious hacker attacks. The security defects affect a wide range of popular products, including Adobe Photoshop, Adobe InDesign, Adobe Illustrator and Adobe Premiere. In all, Adobe provided documentation on 92 vulnerabilities and warned that more than 60 of these flaws carry remote code execution risks.

Spammers use Squirrelwaffle malware to drop Cobalt Strike

A new malware threat named Squirrelwaffle has emerged in the wild, supporting actors with an initial foothold and a way to drop malware onto compromised systems and networks. The new malware tool spreads via spam campaigns dropping Qakbot and Cobalt Strike in the most recent campaigns. Discovered by researchers at Cisco Talos, Squirrelwaffle is one of the tools that emerged as an Emotet replacement shortly after the law enforcement disruption on the widely used botnet.

FBI: Ranzy Locker ransomware hit at least 30 US companies this year

The FBI said on Monday that Ranzy Locker ransomware operators had compromised at least 30 US companies this year from various industry sectors. "Unknown cyber criminals using Ranzy Locker ransomware had compromised more than 30 US businesses as of July 2021," the FBI said in a TLP:WHITE flash alert. "The victims include the construction subsector of the critical manufacturing sector, the academia subsector of the government facilities sector, the information technology sector, and the transportation sector."

Ready to Play? Squid Game Becomes an Attractive Lure to Spread Cyberthreats

During the month following its release, Squid Game, a South Korean survival drama TV series, became Netflix's biggest series, with more than 111 million viewers. Following demand from viewers, cybercriminals are not shy in taking advantage of fans' eagerness to watch the show, with well-known fraud schemes hitting the web. Kaspersky experts share their insights on the most common and sophisticated Squid Game-related threats found in the wild, including Trojans, adware, and phishy offers of Halloween costumes.

  • ...in 1809, President James Madison orders the annexation of the western part of West Florida. Settlers there had rebelled against Spanish authority.
  • ...in 1904, the New York subway officially opens, running from the Brooklyn Bridge uptown to Broadway at 145th Street.
  • ...in 1923, pop artist Roy Lichtenstein, famous for painting large-scale reproductions of comic book panels and newspaper ads, is born in New York City.
  • ...in 1988, US President Ronald Reagan decides to tear down a new US Embassy in Moscow because Soviet listening devices were built into the structure.