IT Security Newsletter

IT Security Newsletter - 8/1/2022

Written by Cadre | Mon, Aug 1, 2022

Big Questions Remain Around Massive Shanghai Police Data Breach

Questions continue to swirl around a June 30 incident where an unknown individual put up for sale on a popular underground forum a staggering 23TB of personally identifiable information (PII), belonging to some 1 billion people in China. And, in the meantime, the database is continuing to cause ripples across the Dark Web. The dataset was reportedly accessed from an unsecured Shanghai police database hosted on Alibaba's cloud hosting platform.

Huge network of 11,000 fake investment sites targets Europe

Researchers have uncovered a gigantic network of more than 11,000 domains used to promote numerous fake investment schemes to users in Europe. The platforms show fabricated evidence of enrichment and falsified celebrity endorsements to create an image of legitimacy and lure in a larger number of victims. The goal of the operation is to trick users into an opportunity for high-return investments and convince them to deposit a minimum amount of 250 EUR ($255) to sign up for the fake services.

Microsoft Connects USB Worm Attacks to 'EvilCorp' Ransomware Gang

Cybersleuths at Microsoft have found a link between the recent 'Raspberry Robin' USB-based worm attacks and EvilCorp, a notorious Russian ransomware operation sanctioned by the U.S. government. According to fresh data from Redmond's threat intelligence team, a ransomware-as-a-service gang it tracks as DEV-0206 has been caught rigging online ads to trick targets into installing a loader for additional malware previously attributed to EvilCorp.

N Korean APT Uses Browser Extension to Steal Emails From Foreign Policy, Nuclear Targets

Over the past year, North Korean advanced persistent threat (APT) actor Kimsuky has been observed using a browser extension to steal content from victims' webmail accounts, threat intelligence and incident response company Volexity reports. Active since at least 2012 and also tracked as Black Banshee, Thallium, SharpTongue, and Velvet Chollima, Kimsuky is known for the targeting of entities in South Korea, but also some located in Europe and the United States.

Malicious Npm Packages Tapped Again to Target Discord Users

Threat actors once again are using the node package manager (npm) repository to hide malware that can steal Discord tokens to monitor user sessions and steal data on the popular chat and collaboration platform, researchers have found. A campaign discovered this week by Kaspersky researchers is hiding an open-source token logger alongside a novel JavaScript malware in npm packages.

Akamai: We stopped record DDoS attack in Europe

Akamai Technologies squelched the largest-ever distributed denial-of-service (DDoS) attack in Europe earlier this month against a company that was being consistently hammered over a 30-day period. According to the cybersecurity and cloud services vendor, the height of the attack hit on July 21, when over a 14-hour period it peaked at 659.6 million packets per second (Mpps) and 853.7 gigabits per second (Gbps).

  • ...in 1819, author Herman Melville ("Moby-Dick", "Bartleby, The Scrivener") is born in New York City.
  • ...in 1834, slavery is abolished in the British Empire, as the prior year's Slavery Abolition Act comes into force.
  • ...in 1941, the first US Army Jeep is produced.
  • ...in 1981, MTV begins broadcasting in the United States. The first music video they play is "Video Killed the Radio Star", by The Buggles.