IT Security Newsletter - 4/21/2022

Written by Cadre | Thu, Apr 21, 2022

Major cryptography blunder in Java enables "psychic paper" forgeries

Organizations using newer versions of Oracle's Java framework woke up on Wednesday to a disquieting advisory: A critical vulnerability can make it easy for adversaries to forge TLS certificates and signatures, two-factor authentication messages, and authorization credentials generated by a range of widely used open standards. The vulnerability, which Oracle patched on Tuesday, affects the company's implementation of the Elliptic Curve Digital Signature Algorithm in Java versions 15 and above.

Five Eyes nations fear wave of Russian attacks against critical infrastructure

The Five Eyes nations' cybersecurity agencies this week urged critical infrastructure to be ready for attacks by crews backed by or sympathetic to the Kremlin amid strong Western opposition to Russia's invasion of Ukraine. The joint alert, issued by cybersecurity authorities in the US, UK, Australia, Canada and New Zealand, provides technical details on more than a dozen Russian state-sponsored hacking groups and Russia-aligned cybercrime gangs.

Okta: Lapsus$ breach lasted only 25 minutes, hit 2 customers

Identity and access management firm Okta says an investigation into the January Lapsus$ breach concluded the incident's impact was significantly smaller than expected. Based on the final forensic report, Okta's Chief Security Officer David Bradbury said the attacker only accessed the two active customer tenants after gaining control of a single workstation used by an engineer working for Sitel, the third-party customer support services provider at the center of the incident.

FBI warns agricultural sector of heightened risk of ransomware attacks

The FBI on Wednesday alerted food and agriculture companies to be prepared for ransomware operatives to potentially attack agricultural entities during planting and harvest seasons - a time frame the feds warned is more likely to draw the attention of ransomware actors bent on leveraging the sector at its most vulnerable, including now as the spring planting season gets underway.

REvil reborn? Notorious gang's dark web site redirects to new ransomware operation

Sometimes referred to as Sodinokibi, the notorious REvil ransomware-as-a-service (RaaS) enterprise was responsible for a series of high-profile attacks against the likes of the world's biggest meat supplier JBS Foods and IT service firm Kaseya. However, it looked like its activities had come to a halt after law enforcement agencies pushed REvil offline in October 2021, and Russia reportedly arrested 14 of the gang's members earlier this year.

Oracle releases massive Critical Patch Update containing 520 security patches

Oracle has issued a Critical Patch Update which contains 520 new security patches across various product families. A few of these updates may need your urgent attention if you are a user of the affected product. Publicly disclosed computer security flaws are listed in the Common Vulnerabilities and Exposures (CVE) database. Its goal is to make it easier to share data across separate vulnerability capabilities (tools, databases, and services). These are the CVEs that look most urgent.

FBI: BlackCat ransomware breached at least 60 entities worldwide

The Federal Bureau of Investigation (FBI) says the Black Cat ransomware gang, also known as ALPHV, has breached the networks of at least 60 organizations worldwide between November 2021 and March 2022. The FBI's Cyber Division revealed this in a TLP:WHITE flash alert released on Wednesday in coordination with the Cybersecurity and Infrastructure Security Agency (DHS/CISA).

Emotet reestablishes itself at the top of the malware world

More than a year after essentially being shut down, the notorious Emotet malware operation is showing a strong resurgence. In a March threat index, Check Point researchers put the Windows software nasty at the top of its list as the most widely deployed malware, menacing or infecting as much as 10 percent of organizations around the globe during the month - a seemingly unbelievable estimate, and apparently double that of February.

  • ...in 1895, inventor Woodville Latham demonstrates the first motion picture projection technology, dubbed the "Eidoloscope", in New York City.
  • ...in 1918, German fighter pilot Manfred von Richthofen, also known as the "Red Baron", is killed by Allied fire near Amiens, France.
  • ...in 1934, the famous blurry photograph of the Loch Ness Monster is printed in the Daily Mail. It is later proven to be a hoax.
  • ...in 1992, astronomers Aleksander Wolszczan and Dale Frail announce their discovery of the first known extrasolar planets, orbiting a pulsar 2300 light years from our Sun.