IT Security Newsletter

IT Security Newsletter - 12/18/2023

Written by Cadre | Mon, Dec 18, 2023

Mortgage giant Mr. Cooper data breach affects 14.7 million people

Mr. Cooper is sending data breach notifications warning that a recent cyberattack has exposed the data of 14.7 million customers who have, or previously had, mortgages with the company. Mr. Cooper (previously Nationstar Mortgage LLC) is a Dallas-based mortgage lending firm that employs approximately 9,000 people and has millions of customers. The lender is one of the largest servicers in the United States, servicing loans of $937 billion. READ MORE...

Should You Consolidate Security to Protect Your Hybrid Workforce?

In today's fast-changing world of hybrid networks and workforces, companies are at a pivotal moment for their security strategies. Everyone is exploring some form of cybersecurity transformation as legacy models show their age in the face of new threats and modern operations. With hybrid users accessing critical corporate data in various places-public clouds, Software-as-a-Service (SaaS) applications, on-premises data centers, and more-it's time to question the security status quo. READ MORE...

MongoDB Confirms Hack, Says Customer Data Stolen

Database software company MongoDB has disclosed a malicious hack of its corporate systems and warned that customer account metadata and contact information was part of the stolen data. In a short notice posted over the weekend, the New York-based MongoDB said it detected "suspicious activity" on its network on December 13th and later confirmed the hackers had infiltrated its systems "for some period of time before discovery." READ MORE...

Delta Dental Says Data Breach Exposed 7 Million Customers

Dental insurance giant Delta Dental of California is informing more than 6.9 million individuals that their personal information was compromised as result of the MOVEit hacking incident. In notification letters it started sending out last week to the impacted individuals, the dentist network says the attackers stole names, addresses, Social Security numbers, passport numbers, state identification numbers, financial account details, tax identification numbers, and more. READ MORE...

State-linked cyber actors behind SolarWinds plant seeds for new malicious campaign

U.S. authorities warn that threat actors linked to the Russian Foreign Intelligence Service (SVR) are exploiting a critical vulnerability in JetBrains TeamCity software as part of a worldwide effort that could lead to extensive supply chain attacks. The FBI, National Security Agency, Cybersecurity and Infrastructure Security Agency along with U.K. and Polish authorities said Nobelium/Midnight Blizzard has been targeting hundreds of unpatched TeamCity servers across the globe. READ MORE...

Former IT manager pleads guilty to attacking high school network

Conor LaHiff, a former IT manager for a New Jersey public high school, has admitted to committing a cyberattack against his former employer following the termination of his employment in June 2023. Last week, the U.S. Department of Justice (DOJ) announced that LaHiff pleaded guilty to one count of unauthorized damage to protected computers, violating the Computer Fraud and Abuse Act (CFAA). READ MORE...

Pro-Israeli Hacktivists Attack Iranian Gas Stations

Hacktivist group Predatory Sparrow says it was behind a cyberattack on gas stations across Iran that disrupted operations. Between 60% and 70% of Iranian gas stations reportedly have been affected. Meanwhile, Reza Navar, a spokesperson for Iran's petrol stations association, told state news that a software issue was the culprit, and that it's being resolved. He advised drivers not to visit petrol stations. READ MORE...

Qakbot returns in fresh assault on hospitality sector

The Qakbot botnet has been disrupted this summer, but cybercriminals are not ready to give up on the malware: Microsoft's threat analysts have spotted a new phishing campaign attempting to deliver it to targets in the hospitality industry. Qakbot, also known as Qbot, started as banking malware but has since evolved into a versatile vehicle for malware and ransomware distribution. READ MORE...

Pro-Hamas Cyberattackers Aim 'Pierogi' Malware at Multiple Mideast Targets

A group of pro-Hamas attackers known as the Gaza Cybergang is using a new variation of the Pierogi++ backdoor malware to launch attacks on Palestinian and Israeli targets. According to research from Sentinel Labs, the backdoor is based on the C++ programming language and has been used in campaigns between 2022 and 2023. The attackers have also been using the Micropsia malware in recent hacking campaigns across the Middle East. READ MORE...

Marketer sparks panic with claims it uses smart devices to eavesdrop on people

We've all experienced it or heard about it happening: Someone has a conversation about wanting a red jacket, and then suddenly, it seems like they're seeing ads for red jackets all over the place. Makers of microphone-equipped electronics sometimes admit to selling voice data to third parties (advertisers). But that's usually voice data accumulated after a user has prompted their device to start listening to them and after they've opted into (preferably not by default) this sort of data collection. READ MORE...

This "smoking gun" killed the McDonald's ice cream hackers' startup

A little over three years have passed since McDonald's sent out an email to thousands of its restaurant owners around the world that abruptly cut short the future of a three-person startup called Kytch-and with it, perhaps one of McDonald's best chances for fixing its famously out-of-order ice cream machines. Until then, Kytch had been selling McDonald's restaurant owners a popular Internet-connected gadget designed to attach to their notoriously fragile and often broken soft-serve McFlurry dispensers. READ MORE...

  • ...in 1913, science fiction author Alfred Bester ("The Demolished Man," "The Stars My Destination") is born in New York City.
  • ...in 1943, musician/songwriter Keith Richards, co-founder of the Rolling Stones ("(I Can't Get No) Satisfaction", "As Tears Go By"), is born in Kent, England.
  • ...in 1958, Project SCORE is launched from Cape Canaveral. It was the first purpose-built communications satellite, and a response to Russia's Sputnik launches the previous year.
  • ...in 2001, singer-songwriter Billie Eilish ("Bad Guy", "No Time to Die"), the youngest person to win the four main Grammy categories in the same year, is born in Los Angeles.