IT Security Newsletter

IT Security Newsletter - 12/16/2022

Written by Cadre | Fri, Dec 16, 2022

Microsoft discovers Windows/Linux botnet used in DDoS attacks

Microsoft researchers have discovered a hybrid Windows-Linux botnet that uses a highly efficient technique to take down Minecraft servers and performs distributed denial-of-service attacks on other platforms. Dubbed MCCrash, the botnet infects Windows machines and devices running various distributions of Linux for use in DDoS attacks. Among the commands the botnet software accepts is one called ATTACK_MCCRASH. READ MORE...

Rackspace blames ransomware attack on financially motivated threat actor

Rackspace Technology confirmed that a financially motivated threat actor was behind the Dec. 2 ransomware attack, which disrupted email service to thousands of customers that use its Hosted Exchange service, the company said in an update Wednesday evening. The cloud services provider said the investigation by cybersecurity firm CrowdStrike and other cybersecurity experts, along with federal authorities, is nearing conclusion.  READ MORE...

Social Blade Confirms Breach After Hacker Offers to Sell User Data

Social media analytics service Social Blade has confirmed a security breach after a hacker offered to sell a database allegedly stolen from the company's systems. Social Blade monitors tens of millions of social media accounts, including on YouTube, Twitter, Twitch, Instagram, Facebook, and TikTok. The company helps content creators boost their channel's popularity. READ MORE...

Chinese Cyberspies Targeted Japanese Political Entities Ahead of Elections

A Chinese cyberespionage group known as MirrorFace has been observed targeting Japanese political entities ahead of the House of Councillors election in July 2022. Believed to have ties with APT10, MirrorFace is known for the targeting of academic institutions, defense-related firms, diplomatic organizations, media companies, and think tanks in Japan. READ MORE...

NSA cyber director warns of Russian digital assaults on global energy sector

National Security Agency Cyber Director Rob Joyce said Thursday he remains concerned about significant cyberattacks from Russia, warning that Moscow could unleash digital assaults on the global energy sector in the coming months. "I would not encourage anyone to be complacent or be unconcerned about the threats to the energy sector globally," Joyce said. READ MORE...

Blackmailing MoneyMonger Malware Hides in Flutter Mobile Apps

An Android malware campaign dubbed MoneyMonger has been found hidden in money-lending apps developed using Flutter. It's emblematic of a rising tide of blackmailing cybercriminals targeting consumers - and their employers stand to feel the effects, too. According to research from the Zimperium zLabs team, the malware uses multiple layers of social engineering to take advantage of its victims and allows malicious actors to steal private information from personal devices. READ MORE...

Ukrainian govt networks breached via trojanized Windows 10 installers

Ukrainian government entities were hacked in targeted attacks after their networks were first compromised via trojanized ISO files posing as legitimate Windows 10 installers. These malicious installers delivered malware capable of collecting data from compromised computers, deploying additional malicious tools, and exfiltrating stolen data to attacker-controlled servers. READ MORE...

API Flaws in Lego Marketplace Put User Accounts, Data at Risk

API flaws in a widely used Lego online marketplace could have allowed attackers to take over user accounts, leak sensitive data stored on the platform, and even gain access to internal production data to compromise corporate services, researchers have found. Researchers from Salt Labs discovered the vulnerabilities in BrickLink, a digital resale platform owned by the Lego Group for buying and selling second-hand Legos. READ MORE...

  • ...in 1770, classical composer and pianist Ludwig van Beethoven is born in Bonn, Germany.
  • ...in 1773, the Sons of Liberty stage the "Boston Tea Party", a protest against British taxation of the American colonies without representation in Parliament.
  • ...in 1775, English novelist Jane Austen ("Sense and Sensibility", "Pride and Prejudice") is born in Hampshire, England.
  • ...in 1949, Swedish aerospace company Saab builds its first automobile at its production facility in Trollhattan.