IT Security Newsletter

IT Security Newsletter - 10/30/2023

Written by Cadre | Mon, Oct 30, 2023

LockBit alleges it boarded Boeing, stole 'sensitive data'

Notorious ransomware gang LockBit has reportedly exfiltrated "a tremendous amount of sensitive data" from aerospace outfit Boeing. VX underground published a screenshot of LockBit's announcement and its threat to expose the data if Boeing does not engage with it by November 2nd. Boeing has told US media it is investigating LockBit's claims. If LockBit has indeed stolen Boeing data, the repercussions could be enormous, as the company does plenty of work for military clients. READ MORE...

Octo Tempest cybercriminal group is "a growing concern" - Microsoft

Octo Tempest is believed to be a group of native English-speaking cybercriminals that uses social engineering campaigns to compromise organizations all over the world. Initially the group made a name for itself by SIM swapping. SIM swapping, also known as SIM jacking, is the act of illegally taking over a target's cell phone number. This can be done in a number of ways, but the most common ones involve social engineering attacks on the victim's carrier. READ MORE...

F5 fixes BIG-IP auth bypass allowing remote code execution attacks

A critical vulnerability in the F5 BIG-IP configuration utility, tracked as CVE-2023-46747, allows an attacker with remote access to the configuration utility to perform unauthenticated remote code execution. The flaw has received a CVSS v3.1 score of 9.8, rating it "critical," as it can be exploited without authentication in low-complexity attacks. "This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port. READ MORE...

New Hunters International ransomware possible rebrand of Hive

A new ransomware-as-a-service brand named Hunters International has emerged using code used by the Hive ransomware operation, leading to the valid assumption that the old gang has resumed activity under a different flag. This theory is supported by analysis of the new encryptor revealing multiple code overlaps between the two ransomware gangs. Security researchers analyzing a sample of the Hunters International malware discovered a striking resemblance to the code used in Hive ransomware attacks. READ MORE...

Whistleblowers: Should CISOs Consider Them a Friend or Foe?

Are whistleblowers traitors to the company, a danger to corporate brand image, and a form of insider threat? Or are they an early warning safety valve that can be used to strengthen cybersecurity and compliance? Two high-profile recent whistleblower cases confirm the arrival of whistleblowing to cybersecurity. These are Peiter (Mudge) Zatko and Twitter, and an FCA action against Penn State's Applied Research Laboratory (ARL). READ MORE...

Attackers Can Use Modified Wikipedia Pages to Mount Redirection Attacks on Slack

Security researchers at eSentire are calling attention to a new method that attackers can use to redirect business professionals to malicious websites. Described as the Wiki-Slack attack, the new technique uses modified Wikipedia pages and relies on a formatting error when the page is rendered in Slack. To mount the attack, a threat actor would first need to select a Wikipedia article that might be of interest to an intended target, then modify it to add a legitimate footnote at the end of the first paragraph. READ MORE...

Safari Side-Channel Attack Enables Browser Theft

Researchers have developed a side-channel exploit for Apple CPUs, enabling sophisticated attackers to extract sensitive information from browsers. Side-channel attacks are the usually overlooked, often physical counterparts to traditional software hacks. Rather than an unsecured password or a vulnerability in a program, they take advantage of the extra information a computer system or hardware generates - in the form of sound, light, or electromagnetic radiation, for example. READ MORE...

  • ...in 1838, Oberlin Collegiate Institute in Lorain County, Ohio becomes the first college in the U.S. to admit female students.
  • ...in 1938, H.G. Wells' War of the Worlds is broadcast over the radio by Orson Welles' Mercury Theatre.
  • ...in 1961, the USSR detonates "Tsar Bomba," a 50-megaton hydrogen bomb; it is still the largest explosive device of any kind ever detonated.
  • ...in 1991, BET Holdings Inc. becomes the first African-American-owned company listed on the New York Stock Exchange.