IT Security Newsletter

IT Security Newsletter - 4/26/2023

Written by Cadre | Wed, Apr 26, 2023

US Cyberwarriors Thwarted 2020 Iran Election Hacking Attempt

Iranian hackers broke into a system used by a U.S. municipal government to publish election results in 2020 but were discovered by cyber soldiers operating abroad and kicked out before an attack could be launched, according to U.S. military and cybersecurity officials. The system involved in the previously undisclosed breach was not for casting or counting ballots, but rather was used to report unofficial election results on a public website.

DDoS, Not Ransomware, Is Top Business Concern for Edge Networks

Distributed denial-of-service (DDoS) is the attack method businesses are most concerned about, believing it will have the largest impact on the business. That was among the chief findings of AT&T's "2023 Cybersecurity Insights Report," based on a survey of 1,418 participants. Theresa Lanowitz, head of cybersecurity evangelism at AT&T Business, calls the perceived risk and rise in concern for DDoS attacks surprising.

The good, the bad and the generative AI

Change in the tech industry is usually evolutionary, but perhaps more interesting are the exceptions to this rule - the microprocessor in 1968, the IBM PC in 1981, the web in 1989, the smartphone in 2007. These are the technologies whose appearance began new eras that completely reshaped the industry around them. Generative AI, the result of decades of research into neural networking and Generative Adversarial Networks (GANs), is widely seen as the next candidate on this list.

The Decline in Ransomware: Does It Actually Increase Risks for Organizations?

Rising ransomware activity has dominated cyber conversations for the better part of the past decade. Global retail giants and thousands of educational institutions and healthcare providers have been among those to fall victim to rampant ransomware attacks. However, this past year, there has been a surprising number of reports that ransomware attacks are declining.

VMware fixes critical zero-day exploit chain used at Pwn2Own

VMware has released security updates to address zero-day vulnerabilities that could be chained to gain code execution on systems running unpatched versions of the company's Workstation and Fusion software hypervisors. The two flaws were part of an exploit chain demoed by the STAR Labs team's security researchers one month ago, during the second day of the Pwn2Own Vancouver 2023 hacking contest.

Black Basta ransomware attacks Yellow Pages Canada

The Canadian Yellow Pages Group has confirmed it recently became the victim of a cyberattack. The Black Basta ransomware group has claimed responsibility for this attack by posting about Yellow Pages on the "Basta News" leak site. When such a post shows up, it usually means that negotiations with the victim have stopped and that the ransomware group is getting ready to sell the data it managed to get its hands on during the attack.

Chinese hackers use new Linux malware variants for espionage

Hackers are deploying new Linux malware variants in cyberespionage attacks, such as a new PingPull variant and a previously undocumented backdoor tracked as 'Sword2033.' PingPull is a RAT (remote access trojan) first documented by Unit 42 last summer in espionage attacks conducted by the Chinese state-sponsored group Gallium, also known as Alloy Taurus. The attacks targeted government and financial organizations in Australia, Russia, Belgium, Malaysia, Vietnam, and the Philippines.

More than 2K organizations at risk of major attacks linked to SLP vulnerability

A high-severity vulnerability in a legacy internet protocol could lead to massive denial-of-service amplification attacks around the world at more than 2,000 organizations, researchers from BitSight and Curesec said Tuesday. Researchers have identified more than 54,000 instances of the service location protocol vulnerability, involving more than 670 different products.

Apache Superset: A story of insecure default keys, thousands of vulnerable systems, few paying attention

Apache Superset until earlier this year shipped with an insecure default configuration that miscreants could exploit to log in and take over the data visualization application, steal data, and execute malicious code. In an advisory on Tuesday, security firm Horizon3.ai explained that when a user logs into a Superset instance, the web application sends a session cookie with a user identifier back to the visitor's web browser.

  • ...in 1865, Union cavalry troops fatally shoot fugitive assassin John Wilkes Booth, 10 days after he shot and killed President Lincoln.
  • ...in 1933, actor and comedian Carol Burnett ("The Carol Burnett Show", "Annie") is born in San Antonio, TX.
  • ...in 1961, action film star and martial artist Jet Li ("Hero", "Fist of Legend") is born in Beijing, China.
  • ...in 1986, the Chernobyl power plant in Ukraine experiences a reactor failure, causing the worst nuclear disaster in human history.