IT Security Newsletter

IT Security Newsletter - 10/8/2021

Written by Cadre | Fri, Oct 8, 2021

Maverick fast-attack ransomware group FIN12 is quickly expanding

Today, security company Mandiant issued a report tracking the growth of a ransomware attack group it calls FIN12. The company said the group is one of the most aggressive ransomware attackers ever seen, making up a fifth of all the cases it has handled since September 2020. FIN12 is also shifting its techniques and targets as it evolves. FIN12 hits big targets with average annual revenues of $6 billion, said Mandiant. READ MORE...

US Navy ship Facebook page hijacked to stream video games

The official Facebook page of the US Navy's destroyer-class warship, USS Kidd, has been hijacked. According to Task & Purpose, who first reported on the incident, the account has done nothing but stream Age of Empires, an award-winning, history-based real-time strategy (RTS) video game wherein players get to grow civilizations by progressing them from one historical time frame to another. READ MORE...

BrewDog exposed data for over 200,000 shareholders and customers

BrewDog, the Scottish brewery and pub chain famous for its crowd-ownership model and the tasty IPAs, has irreversibly exposed the details of 200,000 of its shareholders and customers. The exposure lasted for over 18 months and the point of the leak was the firm's mobile app, which gives the 'Equity Punks' community access to information, discounts at bars, and more. As detailed in a PenTestPartners report, the problem lies in the app's API, and more specifically, its token-based authentication system. READ MORE...

Google warns 14,000 Gmail users targeted by Russian hackers

Google has warned about 14,000 of its users about being targeted in a state-sponsored phishing campaign from APT28, a threat group that has been linked to Russia. The campaign was detected in late September and accounts for a larger than usual batch of Government-Backed Attack notifications that Google sends to targeted users every month. The campaign from APT28, also known as Fancy Bear, lead to a larger number of warnings for Gmail users across various industries. READ MORE...

Microsoft: Russia Behind 58% of Detected State-Backed Hacks

Russia accounted for most state-sponsored hacking detected by Microsoft over the past year, with a 58% share, mostly targeting government agencies and think tanks in the United States, followed by Ukraine, Britain and European NATO members, the company said. The devastating effectiveness of the long-undetected SolarWinds hack also boosted Russian state-backed hackers' success rate to 32% in the year ending June 30, compared with 21% in the preceding 12 months. READ MORE...

October 2021 Patch Tuesday forecast: Halloween came early this year

Halloween is not until the end of the month, but there has already been a lot of scary activity leading up to this patch Tuesday. PrintNightmare and Apple zero-days are just a few that have made the news. It's been over three months since the vulnerabilities were announced, but PrintNightmare continues to be a scary topic of conversation. Microsoft changed the Point and Print feature functionality with their recent updates to require administrator privileges. READ MORE...

Apache Releases Another Patch for Actively Exploited HTTP Server Zero-Day

The Apache HTTP Server Project on Thursday announced the release of another update in response to a recently discovered zero-day vulnerability after determining that the initial fix was incomplete. The vulnerability, tracked as CVE-2021-41773, can be exploited for path traversal and remote code execution. The flaw impacts Apache HTTP Server 2.4.49 and it has been exploited in attacks, so it's important that organizations install the patches as soon as possible. READ MORE...

  • ...in 1862, The Union is victorious at the Battle of Perryville, the largest Civil War combat to take place in Kentucky.
  • ...in 1897, Journalist Charles Henry Dow, founder of the Wall Street Journal, begins charting trends of stocks and bonds.
  • ...in 1922, Lilian Gatlin becomes the first woman pilot to fly across the United States.
  • ...in 1982, "Cats" opens on Broadway and runs for nearly 18 years, closing in September 2000.