IT Security Newsletter

IT Security Newsletter - 11/10/2023

Written by Cadre | Fri, Nov 10, 2023

World's biggest bank hit by ransomware, forced to trade via USB stick

The US trading arm of the Industrial and Commercial Bank of China (ICBC) has been hit by a ransomware attack that reportedly forced it to handle trades via messengers carrying USB thumb drives across Manhattan. A notice on the ICBC Financial Services website confirmed that its systems were disrupted on November 8, 2023, that it is "conducting a thorough investigation" into the security incident, and that it has informed relevant authorities.

Mr. Cooper customers' data exposed by cyberattack

Customers with loans serviced by Mr. Cooper Group had their data exposed by a cyberattack last week, the mortgage servicing provider said Thursday. "Our preliminary analysis found that certain customer data was exposed, however it will require additional analysis to validate this finding and quantify the scope and type of any such exposure," the company said Thursday in an updated filing with the Securities and Exchange Commission.

Kyocera AVX says ransomware attack impacted 39,000 individuals

Kyocera AVX Components Corporation (KAVX) is sending notices of a data breach exposing personal information of 39,111 individuals following a ransomware attack. KAVX is an American manufacturer of advanced electronic components, a subsidiary of the Japanese semiconductor giant Kyocera. In the data breach notification to affected people, KAVX says that it discovered on October 10, 2023 that hackers accessed its systems between February 16 and March 30, 2023.

McLaren Health Care says data breach impacted 2.2 million people

McLaren Health Care (McLaren) is notifying nearly 2.2 million people of a data breach that occurred between late July and August this year, exposing sensitive personal information. McLaren is a non-profit healthcare system with an annual revenue of $6.6 billion. It encompasses an extensive network across Michigan that includes 14 hospitals with a total bed capacity of 2,624 and is supported by a team of 490 physicians.

Cyber ops linked to Israel-Hamas conflict largely improvised, researchers say

In the wake of Hamas's attack on Israel, researchers and cybersecurity firms observed an uptick in operations by hacktivists and state-sponsored hacking groups. But more than one month into the conflict, researchers are increasingly concluding that cyberoperations linked to the war have been mostly opportunistic in nature and frequently exaggerated in terms of their impact.

1.3 Million Maine Residents Impacted by MOVEit Hack

The State of Maine is the latest entity to disclose significant impact from the cyberattack targeting a zero-day in Progress Software's MOVEit file transfer tool earlier this year. By exploiting the vulnerability, described as a critical unauthenticated SQL injection issue, a notorious ransomware gang accessed data transferred through the MOVEit software. To date, more than 2,500 organizations and over 69 million individuals have been affected by the MOVEit hack.

Cloudflare website downed by DDoS attack claimed by Anonymous Sudan

A threat group known as Anonymous Sudan claimed that they were the ones who took down Cloudflare's website in a distributed denial-of-service (DDoS) attack. Cloudflare confirmed that the outage resulted from a DDoS attack that only affected the Cloudflare website without impacting other products or services. The company didn't attribute the attack to a specific threat actor.

Imperial Kitten APT Claws at Israeli Industry with Multiyear Spy Effort

A group with links to Iran has been conducting watering-hole attacks against Israeli transportation, logistics, and technology sectors over the last two years, an investigation has uncovered. According to research by CrowdStrike released today, the cyber-espionage attacks were conducted by a state-sponsored advanced persistent threat (APT) named "Imperial Kitten", aka Yellow Liderc, Tortoiseshell, TA456, and Crimson Sandstorm.

CherryBlos, the malware that steals cryptocurrency via your photos - what you need to know

CherryBlos is a rather interesting family of Android malware that can plunder your cryptocurrency accounts - with a little help from your photos. Imagine you have sensitive information - such as details related to your cryptocurrency wallet - in your Android phone's photo gallery. Whatever the sensitive information, the CherryBlos malware can lift it out of the pictures using optical character recognition (OCR).

'BlazeStealer' Python Malware Allows Complete Takeover of Developer Machines

Malicious Python packages masquerading as legitimate code obfuscation tools are targeting developers via the PyPI code repository. Focusing on those interested in code obfuscation is a savvy choice that could offer up organizational crown jewels, according to researchers at Checkmarx, who dubbed the malware "BlazeStealer." They warned on Nov. 8 that BlazeStealer is particularly concerning because it can exfiltrate host data, steal passwords, launch keyloggers, encrypt files, and execute host commands.

MOVEit hackers leverage new zero-day bug to breach organizations (CVE-2023-47246)

A critical zero-day vulnerability (CVE-2023-47246) in the SysAid IT support and management software solution is being exploited by Lace Tempest, a ransomware affiliate known for deploying Cl0p ransomware. Lace Tempest has previously exploited a zero-day vulnerability (CVE-2023-34362) in Progress Software's MOVEit Transfer installations to steal data from many enterprises and public sector organizations.

  • ...in 1891, Carl Stalling, the composer and arranger for hundreds of "Looney Tunes" and "Merrie Melodies" cartoons, is born in Lexington, MO.
  • ...in 1928, film composer Ennio Morricone ("A Fistful of Dollars", "Cinema Paradiso") is born in Rome, Italy.
  • ...in 1969, "Sesame Street" made its debut on the National Education Television network, the precursor to PBS.
  • ...in 1983, Microsoft introduces Windows 1.0.