IT Security Newsletter

IT Security Newsletter - 10/6/2023

Written by Cadre | Fri, Oct 6, 2023

MGM Resorts ransomware attack led to $100 million loss, data theft

MGM Resorts reveals that last month's cyberattack cost the company $100 million and allowed the hackers to steal customers' personal information. The hospitality and entertainment giant disclosed a cybersecurity issue on September 11, 2023, which impacted its main website, online reservations systems, and in-casino services like slot machines, credit card terminals, and ATMs.

Nonprofit Service Provider Blackbaud Settles Data Breach Case for $49.5M With States

The fundraising software company Blackbaud agreed Thursday to pay $49.5 million to settle claims brought by the attorneys general of 49 states and Washington, D.C., related to a 2020 data breach that exposed sensitive information from 13,000 nonprofits. The exposed data included health information, Social Security numbers and the financial information of donors or clients of the nonprofits, universities, hospitals and religious organizations that the company serves.

DNA testing service 23andMe investigating theft of user data

The DNA testing company 23andMe is investigating whether a large trove of customer data was stolen from the company after information about the firm's clients was offered for sale on a cybercrime forum earlier this week. On Sunday, a post on a popular forum where stolen data is traded and sold claimed to have "the most valuable data you'll ever see" and posted a link to a sample of what was described as "20 million pieces of data" from 23andMe.

Update your Android devices now! Google patches two actively exploited vulnerabilities

Google has patched 53 vulnerabilities in its Android October security updates, two of which are known to be actively exploited. Google's security bulletin notes that there are indications that these two vulnerabilities may be under limited, targeted exploitation. If your Android phone is at patch level 2023-10-06 or later then the two issues discussed below have been fixed. The updates have been made available for Android 11, 12, 12L and 13.

Exim finally fixes 3 out of 6 vulnerabilities

Exim is a message transfer agent (MTA) originally developed at the University of Cambridge for use on Unix systems connected to the internet, and is freely available under the terms of the GNU General Public Licence. Even though the name may be new to you, a Shodan search revealed 3.5 million servers online. According to recent data, they account for more than half of all email servers. Most of these servers are in the US, Russia, Germany, and the Netherlands.

Unkillable? Qakbot Infections Fly On Even After Its High-Profile Raid

The Qakbot (aka Qbot) first-stage malware operation is still kicking, even after the "Operation Duck Hunt" raid by law enforcement eviscerated its infrastructure a few weeks ago. It was recently seen distributing the Ransom Knight ransomware and the Remcos backdoor remote access Trojan (RAT) via phishing emails. Evidently, a massive takedown of Qakbot's botnet infrastructure in August wasn't enough to even temporarily kill the notorious initial access broker (IAB).

Red Cross Publishes Rules of Engagement for Hacktivists During War

The International Committee of the Red Cross (ICRC) is urging hacking groups involved in conflict during war to abide by a set of rules meant to protect the general population. According to the organization, which oversees and monitors the rules of war, an increasing number of civilian hackers are getting involved in military conflicts by means of digital operations, especially in the context of the Russian war in Ukraine.

Exploits released for Linux flaw giving root on major distros

Proof-of-concept exploits have already surfaced online for a high-severity flaw in GNU C Library's dynamic loader, allowing local attackers to gain root privileges on major Linux distributions. Dubbed 'Looney Tunables' and tracked as CVE-2023-4911, this security vulnerability is due to a buffer overflow weakness, and it affects default installations of Debian 12 and 13, Ubuntu 22.04 and 23.04, and Fedora 37 and 38.

  • ...in 1866, the Reno gang carries out the first robbery of a moving train in the U.S., making off with over $10,000.
  • ...in 1995, astronomers discover that the star 51 Pegasi has a planet orbiting around it, the first observed solar system outside of our own.
  • ...in 2007, explorer and author Jason Lewis becomes the first person to complete a human-powered circumnavigation of the globe.
  • ...in 2010, the social media photo-sharing site Instagram is founded.