<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 01/04/2021

SHARE

Breaches

Data breach broker selling user records stolen from 26 companies

A data breach broker is selling the allegedly stolen user records for twenty-six companies on a hacker forum, BleepingComputer has learned. When threat actors and hacking groups breach a company and steal their user databases, they commonly work with data breach brokers who market and sell the data for them. Brokers will then create posts on hacker forums and dark web marketplaces to market the stolen data. READ MORE...


T-Mobile: Breach exposed call information for some customers

T-Mobile says that it "recently identified and quickly shut down" a data breach that included call-related information about some accounts. The wireless telecommunication firm said in a notice mailed to some customers in late December that the incident "may have included phone number, number of lines subscribed to on your account and, in some cases, call-related information collected as part of the normal operation of your wireless service." READ MORE...

Hacking

China's APT hackers move to ransomware attacks

Security researchers investigating a set of ransomware incidents at multiple companies discovered malware indicating that the attacks may be the work of a hacker group believed to operate on behalf of China. Although the attacks lack the sophistication normally seen with advanced threat actors, there is strong evidence linking them to APT27, a group normally involved in cyber espionage campaigns, also known as TG-3390, Emissary Panda, BRONZE UNION, Iron Tiger, and LuckyMouse. READ MORE...


Microsoft says SolarWinds hackers accessed company source code

Microsoft said Thursday that the SolarWinds hackers were able to access company source code, although the technology giant described the incident as largely harmless in an update to an internal investigation. We detected unusual activity with a small number of internal accounts and upon review, we discovered one account had been used to view source code in a number of source code repositories," Microsoft said in a blog post. READ MORE...

Trends

Inbox Attacks: The Miserable Year (2020) That Was

Purging your inbox has become a year-end tradition for many. A short hiatus for the holidays often provides a quiet moment to flush the previous year's mountain of spam. And, from the looks of our 2020 inbox, years of herculean efforts to harden email defenses have fallen short. The most-targeted business attack vector continues to be our inboxes. So, as we take a collective deep breath before plunging into 2021, here is look at past, present and future inbox threats and trends. READ MORE...

Malware

Emotet malware hits Lithuania's National Public Health Center

The internal networks of Lithuania's National Center for Public Health (NVSC) and several municipalities have been infected with Emotet malware following a large campaign targeting the country's state institutions. "When infected recipients opened infected messages, the virus entered the internal networks of the institutions," NVSC officials said in a statement published today. "Infected computers, after downloading additional files, began sending fake emails [...]" READ MORE...

Information Security

Old Attack Method Against Google's Audio-Based reCAPTCHA Resurrected

An attack method discovered in 2017 for defeating the audio version of Google's reCAPTCHA system using speech-to-text services has once again been resurrected. A team of researchers from the University of Maryland showed in 2017 that online speech-to-text services could be used to automatically solve reCAPTCHA v2 audio challenges with a high degree of accuracy. The attack was named by the researchers unCaptcha. READ MORE...


What's Next for Ransomware in 2021?

Ransomware works. That's the simplest way to explain why incidents of ransomware attacks have sharply increased over the last year - with no end in sight. The number of ransomware attacks has jumped by 350 percent since 2018, the average ransom payment increased by more than 100 percent this year, downtime is up by 200 percent and the average cost per incident is on the rise, according to a recent report from PurpleSec. READ MORE...

Exploits/Vulnerabilities

Nashville Bombing Spotlights Vulnerable Voice, Data Networks

The Christmas Day bombing in downtown Nashville led to phone and data service outages and disruptions over hundreds of miles in the southern U.S., raising new concerns about the vulnerability of U.S. communications. The blast seriously damaged a key AT&T network facility, an important hub that provides local wireless, internet and video service and connects to regional networks. Backup generators went down, which took service out hours after the blast. A fire broke out and forced an evacuation. READ MORE...

Encryption

Apex Laboratory Says Patient Data Stolen in Ransomware Attack

At-home laboratory services provider Apex Laboratory said hackers stole some patient data during a ransomware attack that took place several months ago. Established in 1997 and headquartered in Farmingdale, New York, Apex Laboratory provides medical testing services in the New York Metropolitan and surrounding areas. In 2007, Apex opened a South Florida location. In a data breach notification published last week, the company announced that, on July 25, 2020, it discovered a cyberattack. READ MORE...

On This Date

  • ...in 1853, Solomon Northup regains his freedom after being kidnapped and sold into slavery. His memoir "Twelve Years a Slave" became an Oscar Best Picture-winning film in 2013.
  • ...in 1896, Utah is admitted as the 45th state.
  • ...in 1936, Billboard Magazine publishes its first pop music charts.
  • ...in 2016, IUPAC and IUPAP announced the discovery of four new elements, completing the 7th row of the periodic table.