IT Security Newsletter

IT Security Newsletter - 8/29/2023

Written by Cadre | Tue, Aug 29, 2023

2.6 million DuoLingo users have scraped data released

An unknown party has released the scraped data of 2.6 million DuoLingo users on a hacking forum. While they offered the data set for sale in January for $1,500, it's now been released on a new version of the Breached hacking forum for 8 site credits, worth only $2.13. DuoLingo is an educational platform most famous for its language learning programs. According to a May 2023 press release, DuoLingo has 72.6 million monthly active users. READ MORE...

Personal, Health Information of 1.2 Million Stolen in PurFoods Ransomware Attack

Meal delivery service PurFoods says the personal and protected health information of more than 1.2 million individuals was stolen in a ransomware attack in early 2023. Partnering with health, Medicare, and Medicaid plans, the Iowa-based organization is the parent of Mom's Meals, a service that delivers health-focused, refrigerated, ready-to-eat meals throughout the US. READ MORE...

MOVEit attack victim count surpasses 1,000 organizations

The blast radius from the mass exploit of a zero-day vulnerability in the MOVEit file transfer service reached another milestone in its destructive spread: more than 1,000 organizations are impacted, according to Emsisoft and KonBriefing Research. The number of organizations hit by the wide-scale attack increased nearly 40% last week, underscoring the scope of impact and challenge organizations are encountering as they work to determine potential exposure. READ MORE...

Signs of Malware Attack Targeting Rust Developers Found on Crates.io

The Crates.io Rust package registry was targeted recently in what appeared to be the initial phase of a malware attack aimed at developers, according to software supply chain security firm Phylum. It's not uncommon for threat actors to rely on typosquatting and software development package registries to deliver malware to Node.js and Python developers. In these types of attacks, hackers typically create packages with names that are misspelled - or typosquatted - variants of popular packages. READ MORE...

Attacks on Citrix NetScaler systems linked to ransomware actor

A threat actor believed to be tied to the FIN8 hacking group exploits the CVE-2023-3519 remote code execution flaw to compromise unpatched Citrix NetScaler systems in domain-wide attacks. Sophos has been monitoring this campaign since mid-August, reporting that the threat actor performs payload injections, uses BlueVPS for malware stating, deploys obfuscated PowerShell scripts, and drops PHP webshells on victim machines. READ MORE...

Easy-to-exploit Skype vulnerability reveals users' IP address

A vulnerability in Skype mobile apps can be exploited by attackers to discover a user's IP address - a piece of information that may endanger individuals whose physical security depends on their general location remaining secret. The security vulnerability has been discovered by a security researcher named Yossi, who privately reported it to Microsoft and demonstrated its effective exploitation to journalist Joseph Cox. READ MORE...

Exploit released for Juniper firewall bugs allowing RCE attacks

Proof-of-concept exploit code has been publicly released for vulnerabilities in Juniper SRX firewalls that, when chained, can allow unauthenticated attackers to gain remote code execution in Juniper's JunOS on unpatched devices. Juniper disclosed four medium-severity bugs in its EX switches and SRX firewalls and released security patches two weeks ago. The security flaws were found in the PHP-based J-Web interface that admins can use to manage and configure Juniper devices on their networks. READ MORE...

  • ...in 1833, King William IV gives his assent to an act of Parliament abolishing slavery throughout the British Empire.
  • ...in 1898, The Goodyear tire company is founded, in Akron, OH, earning the city its nickname: "Rubber City."
  • ...in 1958, United States Air Force Academy opens in Colorado Springs, CO.
  • ...in 1966, The Beatles perform their last paid concert at Candlestick Park in San Francisco.