IT Security Newsletter

IT Security Newsletter - 3/2/2023

Written by Cadre | Thu, Mar 2, 2023

LastPass breach timeline: How a months-long cyberattack unraveled

The hits keep coming for LastPass and its customers. A breach in August, which the company said was contained weeks later, continued to unravel and confound investigators for months. The threat actor gained more access following the initial compromise and evaded detection by blending in with legitimate activity, LastPass concluded in recent updates. The details of the cyberattack targeting LastPass got more concerning and specific over recent months. READ MORE...

US government puts cybersecurity at forefront with newly announced National Strategy

The National Cybersecurity Strategy was unveiled today by the Biden-Harris Administration. The Strategy recognizes that government must use all tools of national power in a coordinated manner to protect national security, public safety, and economic prosperity. The United States will make its digital ecosystem: Defensible, where cyber defense is overwhelmingly easier, cheaper, and more effective, Resilient, where cyber incidents and errors have little widespread or lasting impact. READ MORE...

British retail chain WH Smith says data stolen in cyberattack

British retailer WH Smith has suffered a data breach that exposed information belonging to current and former employees. The company operates 1,700 locations across the United Kingdom and employs over 12,500 people, reporting a revenue of $1.67 billion in 2022. "WH Smith PLC has been the target of a cyber security incident which has resulted in illegal access to some company data, including current and former employee data," reads the company's cybersecurity notice filed with London's Stock Exchange. READ MORE...

MKS Instruments says February ransomware attack will clip $200M from revenue

MKS Instruments is expecting a 20% hit to quarterly revenue following a ransomware attack that disrupted its supply chain operations in February. The Feb. 3 ransomware attack materially impacted the company's business systems, disrupting its ability to supply technology for semiconductor manufacturing and advanced electronics, President and CEO John Lee said Tuesday during the company's quarterly earnings call. READ MORE...

Canadian Bookstore Chain Indigo Says Employee Data Stolen in Ransomware Attack

Canadian bookstore chain Indigo this week confirmed that the personal information of both current and former employees was stolen in a ransomware attack last month. The hack, Indigo says, took place on February 8 and resulted in the company taking down affected systems to contain the incident. The company was able to restore online payments and exchanges and returns two weeks ago. READ MORE...

Vice Society publishes data stolen during Vesuvius ransomware attack

A notorious ransomware gang has claimed responsibility for a cyber attack against Vesuvius, the London Stock Exchange-listed molten metal flow engineering company. The Vice Society ransomware gang has published on the dark web files that it stole from Vesuvius, one month after the company announced that it had suffered a "cyber incident." Amusingly, Vice Society included a confidentiality notice alongside the link through which the stolen files can be downloaded. READ MORE...

CISA releases free 'Decider' tool to help with MITRE ATT&CK mapping

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has released 'Decider,' an open-source tool that helps defenders and security analysts quickly generate MITRE ATT&CK mapping reports. The MITRE ATT&CK framework is a standard for identifying and tracking adversary tactics and techniques based on cyberattack observations, allowing defenders to adjust their security posture accordingly. READ MORE...

Booking[.]com's OAuth Implementation Allows Full Account Takeover

Flaws in the authorization system of the Booking[.]com website could have allowed attackers to take over user accounts and gain full visibility into their personal or payment-card data, as well as log in to accounts on the website's sister platform, Kayak[.]com, researchers have found. Researchers from Salt Security discovered the issues in the platform's implementation of OAuth, an open authorization standard designed to allow cross-application access delegation for different sites to share login credentials. READ MORE...

AI voice cracks telephone banking voice recognition

Voice ID is slowly rolling out across various banks worldwide as a way to perform user authentication over the phone. However, questions remain about just how secure it is. Now that we have freely available artificial intelligence (AI) happily replicating people's voices, could it be a security risk? Some recent research suggests that it could. Vice reporter Joseph Cox put it to the test, with surprising results. READ MORE...

  • ...in 1807, Congress passes the Act Prohibiting Importation of Slaves, abolishing the foreign slave trade in the U.S.
  • ...in 1933, "King Kong" premieres at Radio City Music Hall in New York City, only 15 blocks from the actual Empire State Building.
  • ...in 1962, Philadelphia Warriors center Wilt Chamberlain scores 100 points against the New York Knicks, setting the NBA single-game scoring record.
  • ...in 1972, Pioneer 10, the world's first outer-planetary probe, is launched from Cape Canaveral, Florida, on a mission to Jupiter.