IT Security Newsletter

IT Security Newsletter - 12/3/2021

Written by Cadre | Fri, Dec 3, 2021

TSA Requires Rail and Airports to Strengthen Cybersecurity

The Transportation Security Administration is issuing new directives and recommendations aimed at strengthening the cybersecurity defenses of U.S. rail and airport operators. The Biden administration said the requirements made public Thursday are part of a broader effort at protecting the nation's critical infrastructure from ongoing cyberespionage and a surge in disruptive ransomware attacks. READ MORE...

Threat Group Takes Aim Again at Cloud Platform Provider Zoho

State-backed adversaries expanded attacks against cloud platform company Zoho and its ManageEngine ServiceDesk Plus software, a help desk and asset management solution. A recent campaign marks an uptick in attacks against the firm's platform, which have also included past targeting of Zoho's ADSelfService Plus. This most recent campaign, reported by Palo Alto Networks Unit 42 this week, dovetails with warnings in September by the FBI, CISA and the U.S. Coast Guard Cyber Command (CGCYBER) of similar attacks. READ MORE...

Phishing actors start exploiting the Omicron COVID-19 variant

Phishing actors have quickly started to exploit the emergence of the Omicron COVID-19 variant and now use it as a lure in their malicious email campaigns. Threat actors are quick to adjust to the latest trends and hot topics, and increasing people's fears is an excellent way to cause people to rush to open an email without first thinking it through. READ MORE...

Emotet being spread via malicious Windows App Installer packages

As reported by Cryptolaemus on Twitter, and demonstrated step by step by BleepingComputer, Emotet is now being distributed through malicious Windows App Installer packages that pretend to be Adobe PDF software. To understand what Microsoft is supposed to do about this method, we need to look at how these attacks work. URLs are sent out to victims by using malspam. The emails are sent to appear as replies to existing conversations by using stolen reply-chain emails. READ MORE...

AT&T Takes Steps to Mitigate Botnet Found Inside Its Network

AT&T is taking action to take down a botnet that had set up shop inside its network, infecting 5,700 VoIP servers that route traffic from enterprise customers to upstream mobile providers. Researchers from Netlab, a network security division of Chinese tech giant Qihoo 360, first discovered what they characterized as a "brand-new botnet" attacking Edgewater Networks devices, using a vulnerability in EdgeMarc Enterprise Session Border Controllers, tracked as CVE-2017-6079. READ MORE...

Hackers use in-house Zoho ServiceDesk exploit to drop webshells

An advanced persistent threat (APT) group that had been exploiting a flaw in the Zoho ManageEngine ADSelfService Plus software has pivoted to leveraging a different vulnerability in another Zoho product. The actor has been seen exploiting an unauthenticated remote code execution issue in Zoho ServiceDesk Plus versions 11305 and older, currently tracked as CVE-2021-44077. READ MORE...

CISA Adds Zoho, Qualcomm, Mikrotik Flaws to 'Must-Patch' List

The U.S. government's cybersecurity agency has updated its catalog of "known exploited vulnerabilities" and set deadlines for federal agencies to apply fixes for security defects in software made by Qualcomm, Mikrotik, Zoho and the Apache Software Foundation. Citing evidence of active exploitation against five specific vulnerabilities, the Cybersecurity and Infrastructure Security Agency (CISA) warned that further delays in applying available fixes "pose significant risk to the federal enterprise." READ MORE...

  • ...in 1930, French New Wave filmmaker Jean-Luc Godard ("Breathless", "Pierrot le Fou") is born in Paris.
  • ...in 1967, 53-year-old Lewis Washkansky receives the first human heart transplant in Cape Town, South Africa.
  • ...in 1968, Elvis Presley's '68 Comeback Special first airs on NBC.
  • ...in 1994, Sony releases the original PlayStation, the first home video game system to sell over 100 million units.