IT Security Newsletter

IT Security Newsletter - 11/12/2019

Written by Cadre | Tue, Nov 12, 2019

Retailer Orvis.com Leaked Hundreds of Internal Passwords on Pastebin

Orvis, a Vermont-based retailer that specializes in high-end fly fishing equipment and other sporting goods, leaked hundreds of internal passwords on Pastebin.com for several weeks last month, exposing credentials the company used to manage everything from firewalls and routers to administrator accounts and database servers, KrebsOnSecurity has learned. Orvis says the exposure was inadvertent, and that many of the credentials were already expired.

UK's Labour Party says it has repelled a DDoS attack

The United Kingdom’s Labour Party says it has fended off a large distributed denial-of-service attack on the party’s digital platforms as it prepares for a general election. Labour leader Jeremy Corbyn said the attack occurred on Monday, calling it “very serious,” and potentially “a sign of things to come.” There was no indication that any Labour Party data had been compromised, he said.

Cyber Command flags North Korean-linked hackers

The Department of Defense has once again called out North Korean hackers by exposing malware samples researchers say are linked to regime-backed financial heists, including past attacks on the interbank messaging system known as the Society for Worldwide Interbank Financial Telecommunication (SWIFT), CyberScoop has learned.

Sodinokibi Ransomware Targeting Asia via the RIG Exploit Kit

A new malvertising campaign running on low-quality web games and blogs is redirecting Asian victims to the RIG exploit kit, which then quietly installs the Sodinokibi Ransomware. First spotted by exploit kit researcher mol69, this new malvertising campaign is targeting Internet Explorer users from Vietnam, Korea, Malaysia and possibly other Asian countries. When users browse the web, the malvertising campaign redirects them to a RIG exploit kit gateway that attempts to exploit Flash vulnerabilities in the browser.

Google has access to detailed health records on tens of millions of Americans

Google quietly partnered last year with Ascension—the country's second-largest health system—and has since gained access to detailed medical records on tens of millions of Americans, according to a November 11 report by The Wall Street Journal. The endeavor, code-named "Project Nightingale," has enabled at least 150 Google employees to see patient health information, which includes diagnoses, laboratory test results, hospitalization records, and other data.

Magento Urges Users to Apply Security Update for RCE Bug

Magento's Security Team urged users to install the latest security update to protect their stores from exploitation attempts that abuse a recently reported remote code execution (RCE) vulnerability. The issue affects Magento Commerce 2.3.1 and Magento Commerce 2.3.2 where security-only patch 2.3.2-p2 was not installed, as well as unsupported versions of Page Builder, such as Page Builder Beta.