IT Security Newsletter

IT Security Newsletter - 9/24/2021

Written by Cadre | Fri, Sep 24, 2021

Port of Houston Target of Suspected Nation-State Hack

The Port of Houston, a critical piece of infrastructure along the Gulf Coast, issued a statement Thursday saying it had successfully defended against an attempted hack in August and "no operational data or systems were impacted." Cybersecurity and Infrastructure Security Agency Director Jen Easterly initially disclosed that the port was the target of an attack at a Senate committee hearing Thursday morning. She said she believed a "nation-state actor" was behind the hack, but did not say which one.

US Eye-Care Providers Report Data Breaches

The protected health information of hundreds of thousands of Americans has been exposed in two separate security incidents at eye-care providers in the United States. Simon Eye Management reported a data breach to the Department of Health and Human Services' Office for Civil Rights on September 14. An email hacking incident at the Delaware-based eye-care group exposed the data of 144,000 individuals.

Report: Suspected Chinese Hack Targets Indian Media, Gov't

A U.S.-based private cybersecurity company said Wednesday it has uncovered evidence that an Indian media conglomerate, a police department and the agency responsible for the country's national identification database have been hacked, likely by a state-sponsored Chinese group. The Insikt Group, the threat research division of Massachusetts-based Recorded Future, said the hacking group made use of Winnti malware, which it said is exclusively shared among several Chinese state-sponsored activity groups.

SonicWall fixes critical bug allowing SMA 100 device takeover

SonicWall has patched a critical security flaw impacting several Secure Mobile Access (SMA) 100 series products that can let unauthenticated attackers remotely gain admin access on targeted devices. The SMA 100 series appliances affected by the improper access control vulnerability, tracked as CVE-2021-20034, include SMA 200, 210, 400, 410, and 500v.

Researcher drops three iOS zero-days that Apple refused to fix

Proof-of-concept exploit code for three iOS zero-day vulnerabilities (and a fourth one patched in July) was published on GitHub after Apple delayed patching and failed to credit the researcher. The unknown researcher who found the four zero-days reported them to Apple between March 10 and May 4. However, the company silently patched one of them in July with the release of 14.7 without giving credit in the security advisory.

Vulnerabilities May Slow Air Force's Adoption of Artificial Intelligence

The Air Force needs to better prepare to defend AI programs and algorithms from adversaries that may seek to corrupt training data, the service's deputy chief of staff for intelligence, surveillance, reconnaissance and cyber effects said Wednesday. Contemplating and strategizing around adversarial use of one's own AI tools is part of an emerging subcategory in artificial intelligence called AI safety, ensuring that deployed AI programs not only work as expected, but that they are safe from attack.

Microsoft Exchange Autodiscover flaw reveals users' passwords

Researchers have been able to get hold of 372,072 Windows domain credentials, including 96,671 unique credentials, in slightly over 4 months by setting up a Microsoft Exchange server and using Autodiscover domains. The credentials that are being leaked are valid Windows domain credentials used to authenticate to Microsoft Exchange servers.

Critical Cisco Bugs Allow Code Execution on Wireless, SD-WAN

Cisco is warning that three critical security vulnerabilities affect its flagship IOS XE software, the operating system for most of its enterprise networking portfolio. The flaws impact Cisco's wireless controllers, SD-WAN offering and configuration mechanisms in use for scads of products. The networking giant has released patches for all of them, as part of a comprehensive 32-bug update released this week.

100M IoT Devices Exposed By Zero-Day Bug

A flaw in widely used internet-of-things (IoT) infrastructure code left more than 100 million devices across 10,000 enterprises vulnerable to attacks. Researchers at Guardara used their technology to find a zero-day vulnerability in NanoMQ, an open-source platform from EMQ that monitors IoT devices in real time, then acts as a "message broker" to deliver alerts that atypical activity has been detected.

  • ...in 1852, Henri Giffard made the first ever powered and controlled flight in his hydrogen-filled dirigible, travelling 27 km from Paris to Elancourt.
  • ...in 1893, blues singer Lemon Henry Jefferson, AKA "Blind Lemon" Jefferson, is born in Coutchman, TX.
  • ...in 1948, comedian and actor Phil Hartman ("Saturday Night Live", "The Simpsons") is born in Brantford, Ontario.
  • ...in 1968, the long-running TV news magazine series "60 Minutes" debuts on CBS.