IT Security Newsletter

IT Security Newsletter - 9/8/2022

Written by Cadre | Thu, Sep 8, 2022

Massive hotels group IHG struck by cyberattack which disrupts booking systems

InterContinental Hotels Group (IHG), which owns brands such as InterContinental, Crowne Plaza, Holiday Inn, and many others, has had its IT systems breached by malicious hackers. In a filing with the London Stock Exchange, the multinational hospitality company reported that "parts of the company's technology systems have been subject to unauthorised activity." READ MORE...

200,000 North Face accounts hacked in credential stuffing attack

Outdoor apparel brand 'The North Face' was targeted in a large-scale credential stuffing attack that has resulted in the hacking of 194,905 accounts on the thenorthface[.]com website. A credential stuffing attack is when threat actors use email addresses/usernames and password combinations obtained from data breaches to attempt to hack into user accounts on other websites. READ MORE...

HP fixes severe bug in pre-installed Support Assistant tool

HP issued a security advisory alerting users about a newly discovered vulnerability in HP Support Assistant, a software tool that comes pre-installed on all HP laptops and desktop computers, including the Omen sub-brand. HP Support Assistant is used to troubleshoot issues, perform hardware diagnostic tests, dive deeper into technical specifications, and even check for BIOS and driver updates on HP devices. READ MORE...

New wave of data-destroying ransomware attacks hits QNAP NAS devices

Network hardware-maker QNAP is urging customers to update their network-attached storage devices immediately to protect them from a new wave of ongoing ransomware attacks that can destroy terabytes of data in a single stroke. Singapore-based QNAP said recently that it has identified a new campaign from a ransomware group known as DeadBolt. The attacks take aim at QNAP NAS devices that use a proprietary feature known as Photo Station. READ MORE...

Next-Gen Linux Malware Takes Over Devices With Unique Tool Set

A Linux-focused malware dubbed Shikitega has emerged to target endpoints and Internet of Things (IoT) devices with a unique, multistage infection chain that results in full device takeover and a cryptominer. Researchers at AT&T Alien Labs who spotted the bad code said that the attack flow consists of a series of modules. Each module not only downloads and executes the next one, but each of these layers serves a specific purpose, according to a Tuesday posting from Alien Labs. READ MORE...

  • ...in 1930, 3M begins marketing Scotch brand transparent tape.
  • ...in 1943, Gen. Dwight Eisenhower publicly announces the surrender of Italy to the Allies.
  • ...in 1966, the crew of the U.S.S. Enterprise takes off on its mission to "boldly go where no man has gone before," with the premiere of Star Trek.
  • ...in 1974, President Gerald Ford pardons his predecessor Richard Nixon for any crimes he may have committed.