IT Security Newsletter

IT Security Newsletter - 5/19/2023

Written by Cadre | Fri, May 19, 2023

Dole incurs $10.5M in direct costs from February ransomware attack

Dole said a February ransomware attack cost $10.5 million in direct costs, it said in its first quarter earnings report Thursday. About $4.8 million of those costs were related to continuing operations. The attack had a limited overall impact on its operations, with the main disruption occurring on its fresh vegetables and Chilean business. The company's fresh vegetable business incurred about $5.7 million in costs related to the attack, CEO Rory Byrne said during the quarterly conference call Thursday. READ MORE...

18-year-old charged with hacking 60,000 DraftKings betting accounts

The Department of Justice revealed today that an 18-year-old man named Joseph Garrison from Wisconsin had been charged with hacking into the accounts of around 60,000 users of the DraftKings sports betting website in November 2022. According to the complaint, the suspect used an extensive list of credentials from other breaches to hack into the accounts. He then sold the hijacked accounts, and the buyers stole approximately $600,000 from around 1,600 compromised accounts. READ MORE...

Researchers Identify Second Developer of 'Golden Chickens' Malware

Cybersecurity firm eSentire says it has identified the second developer of Golden Chickens, a malware suite used by financially-motivated cybercrime groups Cobalt Group and FIN6. Offered under a malware-as-a-service (MaaS) model since 2018, Golden Chickens has been used by the Russia-based Cobalt Group and FIN6 cybercrime rings to target organizations in various industries, causing financial losses or more than $1.4 billion. READ MORE...

A different kind of ransomware demand: Donate to charity to get your data back

Anew and increasingly active ransomware group that's attacked nearly 200 organizations in less than two months has a different spin on its extortion efforts: Don't pay us, pay a charity. So far, this unnamed group that is at least publicly claiming to be driven by anti-capitalist sentiment and its own brand of cyber benevolence is largely targeting users Zimbra, an online workplace collaboration tool. READ MORE...

Apple Patches 3 Exploited WebKit Zero-Day Vulnerabilities

Apple on Thursday released security updates for its operating systems to patch dozens of vulnerabilities that could expose iPhones and Macs to hacker attacks, including three zero-days affecting the WebKit browser engine. Two of the actively exploited vulnerabilities, CVE-2023-28204 and CVE-2023-32373, have been reported to the tech giant by an anonymous researcher. Their exploitation can lead to sensitive information disclosure and arbitrary code execution. READ MORE...

Child safety app riddled with vulnerabilities: Update now!

An app designed to restrict screen time and add a "kids' mode" for children on smart devices has been found to have a broad range of security issues. The app, "Parental Control - Kids Place" is an Android app which is incredibly popular, sporting 5M+ downloads on its Google Play page. Despite this, the five flaws discovered by the SEC Consult researchers would give most parents quite the headache in terms of device, account, and child safety. READ MORE...

Hackers target vulnerable Wordpress Elementor plugin after PoC released

Hackers are now actively probing for vulnerable Essential Addons for Elementor plugin versions on thousands of WordPress websites in massive Internet scans, attempting to exploit a critical account password reset flaw disclosed earlier in the month. The critical-severity flaw is tracked as CVE-2023-32243 and impacts Essential Addons for Elementor versions 5.4.0 to 5.7.1, allowing unauthenticated attackers to arbitrarily reset the passwords of administrator accounts and assume control of the websites. READ MORE...

  • ...in 1749, King George II of England grants the Ohio Company a charter of several hundred thousand acres of land around the forks of the Ohio River.
  • ...in 1951, musician Jeffrey Ross Hyman AKA Joey Ramone, the lead singer of classic punk rock group the Ramones, is born in Queens, NY.
  • ...in 1963, the New York Post Sunday Magazine publishes Dr. Martin Luther King Jr.'s "Letter from Birmingham Jail".
  • ...in 1984, "Press Your Luck" contestant Michael Larson exploits a flaw in the game show's "random" prize board to win USD $110,000 in a single night.