IT Security Newsletter

IT Security Newsletter - 5/21/2020

Written by Cadre | Thu, May 21, 2020

Alleged Hacker Behind Massive 'Collection 1' Data Dump Arrested

A hacker accused of selling hundreds of millions of stolen credentials from last year's "Collection 1" data dump on the dark web has been arrested in Ukraine. The Security Service of Ukraine (SSU) took into custody a threat actor known as "Sanix," who they claim posted 773 million e-mail addresses and 21 million unique passwords on a hacker forum last year, according to a press release. The SSU said it worked with the Ukrainian cyber police and National Police on the investigation. READ MORE...

Home Chef food delivery service confirms breach, two weeks after stolen data went for sale

Customers who used the Home Chef delivery service won't be the first to know their data was stolen and put up for sale. Nearly two weeks after security researchers said they found usernames and passwords belonging to Home Chef users for sale, the Chicago-based company said a security incident has resulted in the compromise of information about an undisclosed number of its customers. READ MORE...

Japan investigates Mitsubishi Electric breach amid national security concerns

Japan is investigating a possible breach of sensitive defense contracting data following a cyberattack last year on electronics giant Mitsubishi Electric, officials said Wednesday. Data likely stolen in the hack, which Mitsubishi disclosed earlier this year, included specifications of hypersonic missile prototypes that Japan is developing, according to a report in Asahi Shimbun, a Japanese newspaper. READ MORE...

Vigilante hackers target 'scammers' with ransomware, DDoS attacks

A hacker has been taking justice into their own hands by targeting "scam" companies with ransomware and denial of service attacks. Last week a new ransomware was discovered called MilkmanVictory that a hacking group stated they created to attack scammers. In a conversation with BleepingComputer, the hacking group known as 'CyberWare' stated that they have started targeting companies performing what they call "loan scams." READ MORE...

Beware of phishing emails urging for a LogMeIn security update

LogMeIn users are being targeted with fake security update requests, which lead to a spoofed phishing page. "Should recipients fall victim to this attack, their login credentials to their LogMeIn account would be compromised. Additionally, since LogMeIn has SSO with Lastpass as LogMeIn is the parent company, it is possible the attacker may be attempting to obtain access to this user's password manager," Abnormal Security noted. READ MORE...

Supreme Court Phish Targets Office 365 Credentials

A highly-targeted phishing attack pretends to deliver subpoenas, but actually ends up collecting victims' Office 365 credentials. The ongoing campaign has slipped by Office 365 and gateway security controls to hit several C-Suite level victims thus far. The phishing emails spoof the U.S. Supreme Court, aiming to capitalize on scare tactics to convince targets to click on an embedded link. READ MORE...

New PipeMon malware uses Windows print processors for persistence

Video game companies are once again victims of the Winnti hacking group, who used new malware that researchers named PipeMon and a novel method to achieve persistence. PipeMon is a modular backdoor identified earlier this year on servers belonging to several developers of massively multiplayer online (MMO) games. Winnti activity has been detected as far back as 2011. Most of its victims are from the video game and software industry but the group also targeted healthcare and education organizations. READ MORE...

Is Zero Trust the Best Answer to the COVID-19 Lockdown?

As businesses operate under the COVID-19 shutdown, they undergo forced digitalization. Many people are teleworking, exponentially expanding remote access loads. Organizations also experience disruption to the supply chain, business continuity/disaster recovery (BC/DR) issues, and ramped-up cyberattacks. How well they are able to navigate the new abnormal depends on where they fall in the network security continuum between a relatively closed or relatively open "zero-trust" environment. READ MORE...

Office 365 exposed some internal search results to other companies

As the well-worn internet saying goes - there is no cloud, it's just someone else's computer. It opens our coverage of the news last February that some Google Photos data had been inadvertently made accessible to the wrong users. Now Microsoft has suffered its own smaller version of the same phenomenon on the Office 365 platform (or Microsoft 365 as its business versions are now called). READ MORE...

  • ...in 1881, the American Red Cross is founded by Clara Barton, a former Civil War nurse known as the "Angel of the Battlefield".
  • ...in 1927, Lindbergh lands in Paris, completing the world's first solo nonstop flight across the Atlantic Ocean.
  • ...in 1932, Amelia Earhart becomes the first woman to duplicate Lindbergh's solo trans-Atlantic flight, exactly five years later.
  • ...in 1980, "The Empire Strikes Back" opens in cinemas across the U.S.