IT Security Newsletter - 2/20/2023

Written by Cadre | Mon, Feb 20, 2023

GoDaddy says a multi-year breach hijacked customer websites and accounts

GoDaddy said on Friday that its network suffered a multi-year security compromise that allowed unknown attackers to steal company source code and customer and employee login credentials, and to install malware that redirected customer websites to malicious sites. GoDaddy is one of the world's largest domain registrars, with nearly 21 million customers and revenue in 2022 of almost $4 billion.

FBI says cyber incident at New York field office 'contained'

The FBI says it has contained a cyber incident at the agency's New York field office that reportedly affected a computer network used in child sexual exploitation investigations. In a statement to FedScoop, the agency said it is aware of the incident and is working to gain additional information. The FBI added: "This is an isolated incident that has been contained. As this is an ongoing investigation the FBI does not have further comment to provide at this time."

Not Stoked: Burton Snowboards' Online Orders Disrupted After Cyberattack

Burton Snowboards, a favorite brand for downhill shredders and X-Games fans everywhere, has closed down its e-commerce operations due to a "cyber incident" that occurred earlier this week. In an online system-outage update, the Burlington-based company noted that a Feb. 14 attack continues to impact "some of our operations," and added, "we are working closely with third-party specialists to investigate the incident and determine the full nature and scope."

Coinbase cyberattack targeted employees with fake SMS alert

The Coinbase cryptocurrency exchange platform has disclosed that an unknown threat actor stole the login credentials of one of its employees in an attempt to gain remote access to the company's systems. As a result of the intrusion, the attacker obtained some contact information belonging to multiple Coinbase employees, the company said, adding that customer funds and data remained unaffected.

Novel Spy Group Targets Telecoms in 'Precision-Targeted' Cyberattacks

A previously unknown threat actor is targeting telecommunications companies in the Middle East in what appears to be a cyber-espionage campaign similar to many that have hit telecom organizations in multiple countries in recent years. Researchers from SentinelOne who spotted the new campaign said they're tracking it as WIP26, a designation the company uses for activity it has not been able to attribute to any specific cyberattack group.

Fortinet plugs critical security hole in FortiNAC, with a PoC incoming (CVE-2022-39952)

Fortinet has dropped fixes for 40 vulnerabilities in a variety of its products, including two critical vulnerabilities (CVE-2022-39952, CVE-2021-42756) affecting its FortiNAC and FortiWeb solutions. Since cyberattackers love to exploit vulnerabilities in Fortinet enterprise solutions and a PoC exploit for CVE-2022-39952 is expected to be released soon, admins are advised to get a move on patching.

SolarWinds Announces Upcoming Patches for High-Severity Vulnerabilities

SolarWinds this week published multiple advisories describing high-severity vulnerabilities expected to be patched with a SolarWinds Platform update by the end of February. Out of a total of seven security defects, five are described as deserialization of untrusted data issues that could be exploited to achieve command execution. Four of them have a CVSS score of 8.8.

New WhiskerSpy malware delivered via trojanized codec installer

Security researchers have discovered a new backdoor called WhiskerSpy used in a campaign from a relatively new advanced threat actor tracked as Earth Kitsune, known for targeting individuals showing an interest in North Korea. The actor used a tried and tested method and picked victims from visitors to a pro-North Korea website, a tactic known as a watering hole attack.

Newly Disclosed Vulnerability Exposes EOL Arris Routers to Attacks

Malwarebytes warns of a remote code execution vulnerability impacting several Arris routers, for which proof-of-concept (PoC) exploit code has been released. Tracked as CVE-2022-45701, the bug exists because the router firmware does not properly neutralize special characters in requests, which allowed security researcher Yerodin Richards to perform shell script command injection.

Man beats machine at Go in human victory over AI

A human player has comprehensively defeated a top-ranked AI system at the board game Go, in a surprise reversal of the 2016 computer victory that was seen as a milestone in the rise of artificial intelligence. Kellin Pelrine, an American player who is one level below the top amateur ranking, beat the machine by taking advantage of a previously unknown flaw that had been identified by another computer.

  • ...in 1872, the Metropolitan Museum of Art opens in New York City.
  • ...in 1927, actor Sidney Poitier ("In the Heat of the Night", "To Sir, With Love") is born in Miami, FL.
  • ...in 1960, comedian Joel Hodgson, creator of the TV cult classic "Mystery Science Theater 3000", is born in Stevens Point, WI.
  • ...in 1986, the Soviet Union launches the first module of the space station Mir, which would be gradually assembled in orbit over the following 10 years.