IT Security Newsletter

IT Security Newsletter - 5/23/2023

Written by Cadre | Tue, May 23, 2023

Dallas under pressure as Royal ransomware group threatens leak

The ransomware attack against Dallas entered a new and all-too common phase Friday as Royal, the threat actor behind the attack, listed the city on its leak site almost three weeks after the city was first made aware of the attack. Threat actors will typically list a victim organization on their leak site after communications have broken down or the threat actor determines the organization doesn't intend to pay the ransom demand, according to ransomware experts. READ MORE...

Suzuki motorcycle plant shut down by cyber attack

The Indian manufacturing plant responsible for manufacturing Suzuki motorcycles has been forced to shut down following a cyber attack. Since May 10, production of bikes and scooters at Suzuki Motorcycle's Indian plant has reportedly been temporarily suspended with the loss of an estimated 20,000 vehicles. In addition, Suzuki Motorcycle has postponed its annual supplier conference, which was due to start this week. READ MORE...

Food Distributor Sysco Says Cyberattack Exposed 126,000 Individuals

Food distributor Sysco Corporation is informing over 126,000 individuals that their personal information was compromised in a recent cyberattack. A multinational company headquartered in Houston, Texas, Sysco is one of the largest distributors of food products, kitchen equipment, smallware, and tabletop products to restaurants, lodging establishments, healthcare and education organizations, and other entities. READ MORE...

Dish Ransomware Attack Impacted Nearly 300,000 People

Satellite TV giant Dish Network has started notifying the individuals whose data was compromised in a recent ransomware attack. The company informed the Maine Attorney General about the data breach last week and shared a copy of the notification letter sent to impacted people. Dish told authorities that the incident impacted more than 296,000 individuals. READ MORE...

Pentagon explosion hoax goes viral after verified Twitter accounts push

Highly realistic AI-generated images depicting an explosion near the Pentagon that went viral on Twitter caused the stock market to dip briefly earlier today. Tweets with images supposedly depicting an explosion near the Pentagon building in Arlington, Virginia, were amplified by many verified Twitter accounts, including a Russian state media one with millions of followers and a verified account impersonating the Bloomberg news agency. READ MORE...

Simple OSINT techniques to spot AI-fueled disinformation, fake reviews

Error messages that ChatGPT and other AI language models generate can be used to uncover disinformation campaigns, hate speech and fake reviews via OSINT collection and analysis, says Nico Dekens, director of intelligence at ShadowDragon. Dekens has recently tried to pinpoint specific indicators that reveal online content - news, social media posts, reviews - created with the help of AI models. READ MORE...

Cyber Warfare Lessons From the Russia-Ukraine Conflict

The Russia-Ukraine war has taught us a lot about cyber warfare. After all, it's the first time ever that a world-class cyber power is simultaneously engaged in a kinetic war. But before we can fully grasp the lessons that have surfaced over the past year, we first have to understand what role cyber plays as part of active kinetic warfare, as well as the criteria that determines its effectiveness. READ MORE...

Update now: 9 vulnerabilities impact Cisco Small Business Series

Vulnerabilities have been found and fixed in the web-based user interface of various Cisco products in the Small Business Series. These nine issues are tied to the web-based user interface of the products, and in a worst case scenario could lead to denial of service (DoS) conditions or arbitrary code execution. However, for those web-based user interfaces that are affected, Cisco has released software updates to fix the vulnerabilities. READ MORE...

Here's how long it takes new BrutePrint attack to unlock 10 different smartphones

Researchers have devised a low-cost smartphone attack that cracks the authentication fingerprint used to unlock the screen and perform other sensitive actions on a range of Android devices in as little as 45 minutes. Dubbed BrutePrint by its creators, the attack requires an adversary to have physical control of a device when it is lost, stolen, temporarily surrendered, or unattended, for instance, while the owner is asleep. READ MORE...

  • ...in 1829, Romanian inventor Cyrill Demian is granted a patent for a new musical instrument -- the accordian.
  • ...in 1928, singer and actress Rosemary Clooney ("Come On-a My House", "Mambo Italiano") is born in Maysville, KY.
  • ...in 1934, engineer and electronic music pioneer Robert Moog, inventor of the Moog synthesizer, is born in New York City.
  • ...in 1934, infamous bank robbers Bonnie and Clyde are ambushed and killed by Texas and Louisiana state police.