IT Security Newsletter

IT Security Newsletter - 11/3/2022

Written by Cadre | Thu, Nov 3, 2022

US Treasury thwarts DDoS attack from Russian Killnet group

The US Treasury Department has thwarted a distributed denial of service (DDoS) attack that officials attributed to Russian hacktivist group Killnet. These are the same pro-Kremlin miscreants that claimed responsibility for knocking more than a dozen US airports' websites offline on October 10 in similar network-traffic flooding incidents. The large-scale DDoS attack didn't disrupt air travel or cause any operational harm to the airports. READ MORE...

Dropbox Code Repositories Stolen in Cyberattack on GitHub-Based Developers

A massive phishing campaign targeting GitHub users convinced at least one developer at Dropbox to enter in their credentials and a two-factor authentication code, leading to the theft of at least 130 software code repositories. According to a Dropbox advisory on Nov. 1, the mid-October attack consisted of emails that appeared to be from CircleCI, a popular DevOps platform, and directed Dropbox employees to go to a fake login page. READ MORE...

Four-year cybercrime campaign targeting African banks netted $30 million

A French-speaking cybercrime group pulled off a series of heists over the past four years, netting perhaps as much as $30 million from firms in Africa, Asia and Latin America. Using a combination of high-quality spear phishing and off-the-shelf tools, the group has carried out more than 30 attacks targeting banks, financial services and telecommunications firms, according to research on the group's activities published Thursday. READ MORE...

Religious Minority Persecuted in Iran Targeted With Sophisticated Android Spyware

Kaspersky is warning of a previously unknown espionage campaign targeting the Persian-speaking religious minority Baha'i with Android spyware. As part of the campaign, victims were lured to a VPN application claiming to provide access to Baha'i religious resources that are banned in Iran. The application contains highly sophisticated spyware designed to collect all types of data from devices, including call logs and contact lists, and to track victims' activities. READ MORE...

The OpenSSL security update story - how can you tell what needs fixing?

Yesterday, we wrote about the waited-for-with-bated-breath OpenSSL update that attracted many column-kilometres of media attention last week. The OpenSSL team announced in advance, as it usually does, that a new version of its popular cryptographic library would soon be released. This notification stated that the update would patch against a security hole with a CRITICAL severity rating, the project's highest. READ MORE...

Fortinet Patches 6 High-Severity Vulnerabilities

Fortinet on Tuesday informed customers about 16 vulnerabilities discovered in the company's products, including six flaws that have been assigned a 'high' severity rating. One of the high-severity issues affects FortiTester and it allows an authenticated attacker to execute commands via specially crafted arguments to existing commands. FortiSIEM is affected by a vulnerability that allows a local attacker with command-line access to perform operations on the Glassfish server directly via a hardcoded password. READ MORE...

Black Basta ransomware gang linked to the FIN7 hacking group

Security researchers at Sentinel Labs have uncovered evidence that links the Black Basta ransomware gang to the financially motivated hacking group FIN7, also known as "Carbanak." When analyzing tools used by the ransomware gang in attacks, the researchers found signs that a developer for FIN7 has also authored the EDR (Endpoint Detection and Response) evasion tools used exclusively by Black Basta since June 2022. READ MORE...

Hundreds of U.S. news sites push malware in supply-chain attack

Threat actors are using the compromised infrastructure of an undisclosed media company to deploy the SocGholish JavaScript malware framework (also known as FakeUpdates) on the websites of hundreds of newspapers across the U.S. "The media company in question is a firm that provides both video content and advertising to major news outlets. [It] serves many different companies in different markets across the United States," Sherrod DeGrippo told BleepingComputer. READ MORE...

US ransomware payments surge to $1.2B in 2021: Treasury

U.S. banks and financial institutions reported a record surge in ransomware payments in 2021, with almost 1,500 filings valued at a total of nearly $1.2 billion, according to the Treasury Department's Financial Crimes Enforcement Network. The total represented a 188% increase from 2020, when there were 487 filings for a total value of $416 million. Officials said the rapid increase may be due to a surge in actual incidents as well as improved reporting and detection of attacks. READ MORE...

  • ...in 1908, Cincinnati-born William Howard Taft is elected as the 27th President of the United States of America.
  • ...in 1931, the first commercially produced synthetic rubber manufactured.
  • ...in 1952, Clarence Birdseye first markets frozen peas.
  • ...in 1957, The Soviet Union launches Sputnik 2. On board is the first animal to enter orbit: a dog named Laika.