IT Security Newsletter

IT Security Newsletter - 9/6/2022

Written by Cadre | Tue, Sep 6, 2022

Samsung discloses data breach after July hack

Electronics giant Samsung has confirmed a new data breach today after some of its U.S. systems were hacked to steal customer data. The company said its systems were compromised in late July 2022. Samsung later discovered on August 4 that customer personal information was accessed and exfiltrated out of its network. While the attackers did not steal Social Security or credit card numbers during the breach, they snatched Samsung customers' names, contacts and demographic information, dates of birth, etc. READ MORE...

KeyBank: Hackers of Third-Party Provider Stole Customer Data

Hackers stole personal data including Social Security numbers, addresses and account numbers of home mortgage holders at KeyBank, the bank reports, in the breach of a third-party vendor that serves multiple corporate clients. The hackers obtained the information on July 5 after breaking into computers at the insurance services provider Overby-Seawell Company, according to a letter that Cleveland-based KeyBank sent to affected residential mortgage customers. READ MORE...

Second largest U.S. school district LAUSD hit by ransomware

Los Angeles Unified (LAUSD), the second largest school district in the U.S., disclosed that a ransomware attack hit its Information Technology (IT) systems over the weekend. LAUSD enrolls more than 640,000 students, spanning from kindergarten through 12th grade. It includes Los Angeles and 31 smaller municipalities, as well as several Los Angeles County unincorporated sections. READ MORE...

Chrome and Edge fix zero-day security hole - update now!

Just three days after Chrome's previous update, which patched 24 security holes that were not in the wild, the Google programmers announced the release of Chrome 105.0.5195.102, where the last of the four numbers in the quadruplet jumps up from 52 on Mac and Linux and 54 on Windows. The release notes confirm, in the clipped and frustrating "indirect statement made in the passive voice" bug-report style that Google seems to have borrowed from Apple: READ MORE...

BlackCat ransomware claims attack on Italian energy agency

The BlackCat/ALPHV ransomware gang claimed responsibility for an attack that hit the systems of Italy's energy agency Gestore dei Servizi Energetici SpA (GSE) over the weekend. GSE is a publicly-owned company that promotes and supports renewable energy sources (RES) across Italy. A GSE spokesperson disclosed that its website and systems were taken down to block the attackers from gaining access to the data after detecting the attack on Sunday night-GSE's website is still down, almost a week after the incident. READ MORE...

Raspberry Robin Malware Connected to Russian Evil Corp Gang

Raspberry Robin, a widespread USB-based worm that acts as a loader for other malware, has significant similarities to the Dridex malware loader, meaning that it can be traced back to the sanctioned Russian ransomware group Evil Corp. Researchers from IBM Security reversed engineered two dynamic link libraries (DLLs) dropped during a Raspberry Robin infection and compared them to the Dridex malware loader. READ MORE...

  • ...in 1901. anarchist Leon Czolgosz shoots and fatally wounds US President William McKinley at the Pan-American Exposition in Buffalo, NY.
  • ...in 1916, the first Piggly Wiggly store opens in Memphis, TN. It was the first self-service grocery chain.
  • ...in 1972, English actor Idris Elba ("The Wire", "Pacific Rim") is born in London, England.
  • ...in 1991, Russia's second largest city changes its name back to Saint Petersburg, after 67 years as Leningrad.