IT Security Newsletter

IT Security Newsletter - 9/12/2022

Written by Cadre | Mon, Sep 12, 2022

Cisco confirms Yanluowang ransomware leaked stolen company data

Cisco has confirmed that the data leaked yesterday by the Yanluowang ransomware gang was stolen from the company network during a cyberattack in May. However, the company says in an update that the leak does not change the initial assessment that the incident has no impact on the business. In a report in August, Cisco announced that its network had been breached by the Yanluowang ransomware after the hackers compromised an employee's VPN account. READ MORE...

Google Patches Critical Vulnerabilities in Pixel Phones

Google's September 2022 security update for Pixel devices addresses two critical vulnerabilities. A total of 46 other security flaws were resolved in the Android platform this month. The Pixel components impacted by the two critical bugs are Trusty and kernel. Tracked as CVE-2022-20231 and CVE-2022-20364, both issues could lead to escalation of privileges, Google explains. READ MORE...

New Linux malware combines unusual stealth with a full suite of capabilities

Researchers this week unveiled a new strain of Linux malware that's notable for its stealth and sophistication in infecting both traditional servers and smaller Internet-of-things devices. Dubbed Shikitega by the AT&T Alien Labs researchers who discovered it, the malware is delivered through a multistage infection chain using polymorphic encoding. It also abuses legitimate cloud services to host command-and-control servers. These things make detection extremely difficult. READ MORE...

Monti, the New Conti: Ransomware Gang Uses Recycled Code

Analysts have discovered a ransomware campaign from a new group called "Monti," which relies almost entirely on leaked Conti code to launch attacks. The Monti group emerged with a round of ransomware attacks over the Independence Day weekend, and was able to successfully exploit the Log4Shell vulnerability to encrypt 20 BlackBerry user hosts and 20 servers, BlackBerry's Research and Intelligence Team reported. READ MORE...

Uber exec accused of disguising data-breach extortion as "bug bounty"

After the Federal Trade Commission began investigating a massive Uber data breach in 2016, the tech company was hit with another breach that was seemingly just as concerning. Rather than report the second data breach to the FTC and risk further public embarrassment, then-Uber security chief Joe Sullivan consulted with lawyers and then negotiated with the hackers. He allegedly set up a deal under which Uber paid the hackers a $100,000 "bug bounty" to delete the data, then pretended the data breach was part of a planned test of Uber's security. READ MORE...

Why Ports Are at Risk of Cyberattacks

Evidence indicates that the world's ports are returning to pre-pandemic levels. During the first 11 months of 2021, the value of US international freight increased by more than 22% (PDF) compared with the same 11 months in 2020. More freight means more ships docking at port. And not only are more ships docking, but their dwell times are increasing as well. The average container vessel dwell time at the top 25 US container ports was estimated at 28.1 hours in 2020. READ MORE...

CISA issues advisory after vulnerabilities found on Baxter infusion pumps

Baxter is working to patch software on its Sigma Spectrum Infusion Pumps after cybersecurity consultants Rapid7 found multiple vulnerabilities. The U.S. Cybersecurity and Infrastructure Security Agency said in a Thursday advisory that "successful exploitation of these vulnerabilities could result in access to sensitive data and alteration of system configuration." Baxter's Sigma products have been the subject of previous cybersecurity warnings, and a recent study found 75% of pumps have vulnerabilities. READ MORE...

Attackers Exploit Zero-Day WordPress Plug-in Vulnerability in BackupBuddy

Attackers are actively exploiting a critical vulnerability in BackupBuddy, a WordPress plug-in that an estimated 140,000 websites are using to back up their installations. The vulnerability allows attackers to read and download arbitrary files from affected websites, including those containing configuration information and sensitive data such as passwords that can be used for further compromise. READ MORE...

  • ...in 1914, character actor Desmond Llewelyn, best known as MI6 quartermaster "Q" in seventeen of the James Bond films, is born in Monmouthshire, Wales.
  • ...in 1931, legendary country music singer George Jones is born in Saratoga, TX.
  • ...in 1933, Hungarian-born physicist Leo Szilard has an epiphany while crossing a rainy London street, leading him to first conceive of the nuclear chain reaction.
  • ...in 1952, drummer/lyricist Neil Peart of Canadian rock group Rush is born in Hamilton, Ontario.
  • ...in 1959, Bonanza premieres as the first regularly scheduled color TV program.