IT Security Newsletter - 8/11/2022

Written by Cadre | Thu, Aug 11, 2022

Cisco hacked by Yanluowang ransomware gang, 2.8GB allegedly stolen

Cisco confirmed today that the Yanluowang ransomware group breached its corporate network in late May and that the actor tried to extort them under the threat of leaking stolen files online. The company revealed that the attackers could only harvest and steal non-sensitive data from a Box folder linked to a compromised employee's account. "Cisco experienced a security incident on our corporate network in late May 2022," a Cisco spokesperson told BleepingComputer.

Palo Alto Networks Firewalls Targeted for Reflected, Amplified DDoS Attacks

Palo Alto Networks is working on fixes for a reflected amplification denial-of-service (DoS) vulnerability that impacts PAN-OS, the platform powering its next-gen firewalls. The company has learned that a threat actor has attempted to abuse firewalls from multiple vendors for distributed denial-of-service (DDoS) attacks. No additional information appears to be available on these attacks and the other impacted firms.

Number of Ransomware Attacks on Industrial Orgs Drops Following Conti Shutdown

The number of ransomware attacks on industrial organizations decreased from 158 in the first quarter of 2022 to 125 in the second quarter, and it may be - at least partially - a result of the Conti operation shutting down. According to data collected by industrial cybersecurity firm Dragos, Conti accounted for a significant chunk of the ransomware attacks on industrial organizations and infrastructure in the previous quarters.

The Security Pros and Cons of Using Email Aliases

One way to tame your email inbox is to get in the habit of using unique email aliases when signing up for new accounts online. Adding a "+" character after the username portion of your email address - followed by a notation specific to the site you're signing up at - lets you create an infinite number of unique email addresses tied to the same account. Aliases can help users detect breaches and fight spam. But not all websites allow aliases, and they can complicate account recovery.

The Hacking of Starlink Terminals Has Begun

Since 2018, Elon Musk's Starlink has launched more than 3,000 small satellites into orbit. This satellite network beams internet connections to hard-to-reach locations on Earth and has been a vital source of connectivity during Russia's war in Ukraine. Thousands more satellites are planned for launch as the industry booms. Now, like any emerging technology, those satellite components are being hacked.

New HTTP Request Smuggling Attacks Target Web Browsers

A security researcher who previously demonstrated how attackers can abuse weaknesses in the way websites handle HTTP requests warned that the same issues can be used in damaging browser-based attacks against users. James Kettle, director of PortSwigger, described his research as shedding new light on so-called desync attacks that exploit disagreements in how a website's back-end and front-end servers interpret HTTP requests.

Multiple Vulnerabilities Discovered in Device42 Asset Management Appliance

A series of vulnerabilities on the popular asset management platform Device42 could be exploited to give attackers full root access to the system, according to Bitdefender. By exploiting a remote code execution (RCE) vulnerability in the staging instance of the platform, attackers could successfully obtain full root access and gain complete control of the assets housed inside, Bitdefender researchers wrote in the report.

Organizations Warned of Critical Vulnerabilities in NetModule Routers

Flashpoint is warning organizations of two newly identified critical vulnerabilities in NetModule Router Software (NRSW) that could be exploited in attacks. Acquired by Belden earlier this year, NetModule provides IIoT and industrial routers, vehicle routers, and other types of wireless M2M connectivity products. All of NetModule's routers run the Linux-based NRSW by default, and can be managed remotely using a remote management platform.

  • ...in 1929, Babe Ruth becomes the first baseball player to hit 500 home runs, at League Park in Cleveland, OH.
  • ...in 1942, film actress and inventor Hedy Lamarr receives a patent for a frequency-switching communication system. It later becomes the basis for cellular and Wi-Fi technology.
  • ...in 1950, computer scientist, programmer, and Apple Computer cofounder Steve Wozniak is born in San Jose, CA.
  • ...in 1952, guitarist Robert "Bob 1" Mothersbaugh of new wave band Devo ("Whip It", "Beautiful World") is born in Akron, OH.