IT Security Newsletter

IT Security Newsletter - 7/2/2020

Written by Cadre | Thu, Jul 2, 2020

Dozens of US news sites hacked in WastedLocker ransomware attacks

The Evil Corp gang hacked into dozens of US newspaper websites owned by the same company to infect the employees of over 30 major US private firms using fake software update alerts displayed by the malicious SocGholish JavaScript-based framework. The employees' computers were used as a stepping point into their companies' enterprise networks as part of what looks like a series of targeted drive-by attacks.

Ransomware Operators Claim They Hacked Printing Giant Xerox

Cybercriminals claim they have hacked the systems of U.S. printing giant Xerox and they are threatening to leak files stolen from the company unless they get paid. The threat actor operating the ransomware known as Maze has published several screenshots on its website in an effort to demonstrate that it has gained access to Xerox systems. The fact that the cybercriminals posted Xerox's name on their website suggests that the company did not contact them within 3 days after its files were encrypted.

Ransomware gangs are doing their homework before encrypting corporate data

The lengthy amount of time that criminal hackers are sitting undetected on the networks of U.S. businesses is giving them powerful leverage to extort their victims, according to a Department of Homeland Security cybersecurity official. Going unnoticed on corporate networks allows ransomware gangs to size up their victims and funnel out data before ransom negotiations even begin, said Matt Travis, deputy director of DHS's Cybersecurity and Infrastructure Security Agency.

TrickBot malware now checks screen resolution to evade analysis

The infamous TrickBot trojan has started to check the screen resolutions of victims to detect whether the malware is running in a virtual machine. When researchers analyze malware, they typically do it in a virtual machine that is configured with various analysis tools. Due to this, malware commonly uses anti-VM techniques to detect whether the malware is running in a virtual machine. If it is, it is most likely being analyzed by a researcher or an automated sandbox system.

New Android Spyware Tools Emerge in Widespread Surveillance Campaign

Researchers have uncovered a surveillance campaign, dating back to at least 2013, which has used a slew of Android surveillanceware tools to spy on the Uyghur ethnic minority group. The campaign uses three never-before-seen Android surveillanceware tools, dubbed SilkBean, GoldenEagle and CarbonSteal, and one previously disclosed tool, DoubleAgent. The purpose of these tools is to gather and exfiltrate personal user data to attacker-operated command-and-control (C2) servers.

Uncovered: 1,000 phrases that incorrectly trigger Alexa, Siri, and Google Assistant

As Alexa, Google Home, Siri, and other voice assistants have become fixtures in millions of homes, privacy advocates have grown concerned that their near-constant listening to nearby conversations could pose more risk than benefit to users. New research suggests the privacy threat may be greater than previously thought. The findings demonstrate how common it is for dialog in TV shows and other sources to produce false triggers that cause the devices to turn on.

Cisco Warns of High-Severity Bug in Small Business Switch Lineup

Cisco Systems is warning of a high-severity flaw affecting more than a half-dozen of its small business switches. The flaw could allow remote, unauthenticated attackers to access the switches' management interfaces with administrative privileges. Specifically affected are Series Smart Switches, Series Managed Switches and Series Stackable Managed Switches. Cisco said it was unaware of active exploitation of the vulnerabilities.

  • ...in 1776, the Second Continental Congress, assembled in Philadelphia, formally adopts a resolution for independence from Great Britain.
  • ...in 1881, President James A. Garfield is shot by assassin Charles J. Guiteau. Garfield lives another 80 days before succumbing to his injuries.
  • ...in 1964, President Johnson signs the Civil Rights Act, prohibiting discrimination based on race, color, religion, sex, or national origin.
  • ...in 1992, Chevrolet builds the 1,000,000th Corvette. It is currently on display at the Corvette Museum.