IT Security Newsletter

IT Security Newsletter - 11/30/2022

Written by Cadre | Wed, Nov 30, 2022

Killnet Gloats About DDoS Attacks Downing Starlink, White House

Killnet and its band of hacker collaborators are claiming they were able to pull off a trio of symbolic distributed denial-of-service (DDoS) attacks aimed at punishing some of the most critical supporters of Ukraine against the Russian invasion - Elon Musk's Starlink satellite broadband service and the websites of the White House in the US and the Prince of Wales in the UK. Researchers at Trustwave were able to find evidence corroborating the Russian-backed threat group's claims.  READ MORE...

Cyber-Threat Group Targets Critical RCE Vulnerability in 'Bleed You' Campaign

The "Bleed You" campaign is trying to take advantage of a known remote code execution (RCE) vulnerability in Windows Internet Key Exchange (IKE) Protocol Extensions, and more than 1,000 systems are unpatched and vulnerable to compromise. The critical flaw, tracked as CVE-2022-34721, has been under active attack since September, a new report from Cyfirma warns, affecting vulnerable Windows OS, Windows Servers, along with Windows protocol and services. READ MORE...

Delta Electronics Patches Serious Flaws in Industrial Networking Devices

Taiwan-based Delta Electronics has patched potentially serious vulnerabilities in two of its industrial networking products. The flaws were identified by researchers at CyberDanube, a new industrial cybersecurity company based in Austria, in Delta's DX-2100-L1-CN 3G cloud router and the DVW-W02W2-E2 industrial wireless access point. The researchers conducted their analysis on so-called digital twins, which involve virtualization techniques, rather than by looking at the actual devices. READ MORE...

Trigona ransomware spotted in increasing attacks worldwide

A previously unnamed ransomware has rebranded under the name 'Trigona,' launching a new Tor negotiation site where they accept Monero as ransom payments. Trigona has been active for some time, with samples seen at the beginning of the year. However, those samples utilized email for negotiations and were not branded under a specific name. Starting in late October 2022, the ransomware operation launched a new Tor negotiation site where they officially named themselves 'Trigona.' READ MORE...

Self-Replicating Malware Used by Chinese Cyberspies Spreads via USB Drives

A China-linked cyberespionage group tracked as UNC4191 has been observed using self-replicating malware on USB drives to infect targets, and the technique could allow them to steal data from air-gapped systems, Google-owned Mandiant reports. UNC4191 has been observed targeting public and private entities in Southeast Asia, Asia-Pacific, Europe, and the US, with a focus on the Philippines, deploying legitimately signed binaries to side-load malware. READ MORE...

How secure a Twitter replacement is Mastodon? Let us count the ways

As Elon Musk critics flee from Twitter, Mastodon seems to be the most common replacement. In the last month, the number of monthly active users on Mastodon has rocketed more than threefold, from about 1 million to 3.5 million, while the total number of users jumped from about 6.5 million to 8.7 million. This substantial increase raises important questions about the security of this new platform, and for good reason. READ MORE...

Flaw allowed man to access private information of other Brinks Home Security customers

A Canadian man has revealed that the company he chose to provide security for his home was carelessly exposing the private information for other customers, even after he warned them about the problem. When Edmonton-based Andrew Kopp had the Brinks Home Security system installed at his house he thought he was doing the right thing to protect his home and family, but he discovered he might actually have been unwittingly putting his personal information into the hands of online fraudsters. READ MORE...

It took nearly 500 years for researchers to crack Charles V's secret code

In 1547, Holy Roman Emperor Charles V penned a letter to his ambassador, Jean de Saint-Mauris, part of which was written in the ruler's secret code. Nearly five centuries later, researchers have finally cracked that code, revealing Charles V's fear of a secret assassination plot and continued tensions with France, despite having signed a peace treaty with the French king a few years earlier. READ MORE...

  • ...in 1835, author Samuel Langhorne Clemens, better known by the pen name Mark Twain, is born in Missouri.
  • ...in 1955, actor Kevin Conroy, the voice of Batman in dozens of animated films, TV series, and video games, is born in Westbury, NY.
  • ...in 1982, Michael Jackson's "Thriller", the best-selling album of all time, is released.
  • ...in 1995, Operation Desert Storm officially ends, more than four years after the end of its six-week combat phase in January/February 1991.