IT Security Newsletter - 2/19/2024

Written by Cadre | Mon, Feb 19, 2024

FBI-led operation disrupts botnet controlled by state-linked Forest Blizzard

The Department of Justice disrupted a botnet controlled by the Russia state-linked threat group Forest Blizzard, also known as Fancy Bear, in a court-ordered operation to disable hundreds of small office/home office routers used for malicious cyber activity. The botnet used Moobot malware installed on hundreds of vulnerable Ubiquiti Edge OS routers to conduct spear phishing and credential harvesting attacks in the U.S. READ MORE...

Ransomware Group Takes Credit for LoanDepot, Prudential Financial Attacks

The notorious ransomware group known as BlackCat and Alphv has taken credit for the recently disclosed cyberattacks impacting financial giants LoanDepot and Prudential Financial. The two companies were named on the BlackCat leak website on Friday, February 16, and, based on the messages published by the hackers, both companies have refused to pay a ransom. In a post published on its leak website on Friday, the BlackCat ransomware gang claimed it still had access to Prudential systems. READ MORE...

Russian APT 'Winter Vivern' Targets European Government, Military

The Russia-aligned threat group known as Winter Vivern was discovered exploiting cross-site scripting (XSS) vulnerabilities in Roundcube webmail servers across Europe in October - and now its victims are coming to light. The group mainly targeted government, military, and national infrastructure in Georgia, Poland, and Ukraine, according to Recorded Future's Insikt Group report on the campaign released today. READ MORE...

RCE vulnerabilities fixed in SolarWinds enterprise solutions

SolarWinds has released updates for Access Rights Manager (ARM) and (Orion) Platform that fix vulnerabilities that could allow attackers to execute code on vulnerable installations. SolarWinds, the company whose Orion IT administration platform was infamously compromised in 2020 to deploy backdoors on select agencies' and companies' systems, has patched five vulnerabilities affecting its Access Rights Manager (ARM) solution. READ MORE...

iOS Trojan Collects Face and Other Data for Bank Account Hacking

Researchers at cybersecurity firm Group-IB have come across a new iOS trojan that is designed to help a Chinese cybercrime group obtain information needed to steal money from victims' bank accounts. The threat actor, tracked as GoldFactory, was first spotted last year and it appears to target the APAC region, with attacks likely carried out to date in Thailand and possibly Vietnam. READ MORE...

Tech companies pledge to protect 2024 elections from AI-generated media

A coalition of major technology companies committed on Friday to limit the malicious use of deepfakes and other forms of artificial intelligence to manipulate or deceive voters in democratic elections. The AI elections accord, announced at the Munich Security Conference, outlines a series of commitments to make it harder for bad actors to use generative AI, large language models and other AI tools to deceive voters ahead of a busy election year across the globe in the coming year. READ MORE...

How to weaponize LLMs to auto-hijack websites

AI models, the subject of ongoing safety concerns about harmful and biased output, pose a risk beyond content emission. When wedded with tools that enable automated interaction with other systems, they can act on their own as malicious agents. Computer scientists affiliated with the University of Illinois Urbana-Champaign (UIUC) have demonstrated this by weaponizing several large language models (LLMs) to compromise vulnerable websites without human guidance. READ MORE...

  • ...in 1807, former Vice President of the United States Aaron Burr is arrested for treason, after attempting to form his own country from part of the Louisiana Purchase.
  • ...in 1878, Thomas Edison patents the first phonograph, which used a wax cylinder as a recording medium.
  • ...in 1924, actor Lee Marvin ("The Dirty Dozen", "Cat Ballou") is born in New York City.
  • ...in 1943, author and former NASA engineer Homer Hickam, known for his memoir "Rocket Boys", is born in Coalwood, WV.