IT Security Newsletter - 4/25/2024

Written by Cadre | Thu, Apr 25, 2024

Cisco Raises Alarm for 'ArcaneDoor' Zero-Days Hitting ASA Firewall Platforms

Technology giant Cisco on Wednesday warned that professional, nation state-backed hacking teams are exploiting at least two zero-day vulnerabilities in its ASA firewall platforms to plant malware on telecommunications and energy sector networks. According to an advisory from Cisco Talos, the attackers are taking aim at software defects in certain devices running Cisco Adaptive Security Appliance (ASA) or Cisco Firepower Threat Defense (FTD) products.

Iran Dupes US Military Contractors, Gov't Agencies in Years-Long Cyber Campaign

An elite team of Iranian state-sponsored hackers successfully infiltrated hundreds of thousands of employee accounts at US companies and government agencies, according to the Feds, as part of a multiyear cyber espionage campaign aimed at stealing military secrets. The US Departments of Treasury and State are among those compromised in the elaborate campaign, which lasted from 2016 to 2021 according to a US Justice Department indictment unsealed this week.

North Korea APT Triumvirate Spied on South Korean Defense Industry For Years

North Korea's premier advanced persistent threats (APTs) have been quietly spying on South Korean defense contractors for at least a year and a half, infiltrating some 10 organizations. South Korean police this week released the findings of an investigation that uncovered concurrent espionage campaigns carried out by Andariel (aka Onyx Sleet, Silent Chollima, Plutonium), Kimsuky (aka APT 43, Thallium, Velvet Chollima, Black Banshee), and the broader Lazarus Group.

New Brokewell malware takes over Android devices, steals data

Security researchers have discovered a new Android banking trojan they named Brokewell that can capture every event on the device, from touches and information displayed to text input and the applications the user launches. The malware is delivered through a fake Google Chrome update that is shown while using the web browser. Brokewell is under active development and features a mix of extensive device takeover and remote control capabilities.

Schneier: The Rise of Large-Language-Model Optimization

The web has become so interwoven with everyday life that it is easy to forget what an extraordinary accomplishment and treasure it is. In just a few decades, much of human knowledge has been collectively written up and made available to anyone with an internet connection. But all of this is coming to an end. The advent of AI threatens to destroy the complex online ecosystem that allows writers, artists, and other creators to reach human audiences.

WP Automatic WordPress plugin hit by millions of SQL injection attacks

Hackers have started to target a critical severity vulnerability in the WP Automatic plugin for WordPress to create user accounts with administrative privileges and to plant backdoors for long-term access. Currently installed on more than 30,000 websites, WP Automatic lets administrators automate content importing (e.g. text, images, video) from various online sources and publishing on their WordPress site.

Palo Alto Networks Shares Remediation Advice for Hacked Firewalls

Palo Alto Networks has shared remediation instructions for organizations whose firewalls have been hacked through the exploitation of the vulnerability tracked as CVE-2024-3400. On Wednesday, the cybersecurity giant updated its advisory for CVE-2024-3400 to include a link to a knowledge base article providing remediations depending on the exploitation attempt's level of success.

  • ...in 1940, actor Al Pacino ("The Godfather", "Serpico") is born in Manhattan, NY.
  • ...in 1953, the magazine Nature publishes an article by biologists Francis Crick and James Watson, describing DNA's double helix structure.
  • ...in 1960, the first fully submerged circumnavigation of the Earth is completed by a US Navy nuclear submarine, USS Triton.
  • ...in 2000, the Cincinnati Bearcats retired the #4 jersey worn by power forward Kenyon Martin.