IT Security Newsletter - 01/05/2021

Written by Cadre | Tue, Jan 5, 2021

Data from August Breach of Amazon Partner Juspay Dumped Online

Data from a breach that occurred five months ago involving Juspay, which handles payments for Amazon and other online retailers in India, has been dumped online, a researcher has found. Security researcher Rajshekhar Rajaharia discovered data of 35 million Indian credit-card holders from a breach of a Juspay server that occurred on Aug. 18, he revealed on Twitter. The data included sensitive information such as the name, mobile number and bank name of customers. READ MORE...

Ransomware Gang Collects Data from Blood Testing Lab

Apex Laboratory, which provides blood work at home for patients in New York City, Long Island and South Florida, has been hit with a ransomware attack that also resulted in patient data being stolen. Though the company just disclosed the attack, it took place on July 25, when "certain systems in its environment were encrypted and inaccessible," according to a website notice from last week. Working with a cybersecurity firm, Apex was able to secure its network and resume operations two days later. READ MORE...

Hacker posts data of 10,000 American Express accounts for free

A threat actor has posted data of 10,000 American Express credit card holders on a hacker forum for free. In the same forum post, the actor claims to sell even more data of Mexican banking customers of American Express, Santander, and Banamex. This week a threat actor leaked data of 10,000 Mexico-based American Express credit cardholders on a forum. The finding was brought to light by threat intelligence analyst, Bank Security. READ MORE...

TransLink confirms ransomware data theft, still restoring systems

Metro Vancouver's transportation agency TransLink has confirmed that the Egregor ransomware operators who breached its network at the beginning of December 2020 also accessed and potentially stole employees' banking and social security information. TransLink announced on December 1, 2020, that the transportation network was experiencing issues with their computing systems following a cyberattack. These information technology issues impacted the company's phones and online services. READ MORE...

Chrome browser has a New Year's resolution: HTTPS by default

HTTPS, as you probably know, stands for secure HTTP, and it's a cryptographic process - a cybersecurity dance, if you like - that your browser performs with a web server when it connects, improving privacy and security by agreeing to encrypt the data that goes back and forth. Encrypting HTTP traffic from end-to-end between your browser and the server means that: The content of your web request and the reply that comes back can't easily be monitored by other people on the network. READ MORE...

Major Gaming Companies Hit with Ransomware Linked to APT27

A recent slew of related ransomware attacks on top videogame companies has been associated with the notorious Chinese-linked APT27 threat group, suggesting that the advanced persistent threat (APT) is shifting from its historically espionage-centered tactics to adopt ransomware, a new report says. Researchers noticed the "strong links" to APT27 when they were brought in as part of incident response for ransomware activity that affected several major gaming companies. READ MORE...

Indian government sites leaking patient COVID-19 test results

Websites of multiple Indian government departments, including national health and welfare agencies, are leaking COVID-19 lab test results for thousands of patients online. These leaked lab reports, which are being indexed by search engines, expose patient data and whether the patients tested positive for coronavirus. This week, while searching for a means to obtain COVID-19 test results online, I accidentally came across what looked like exposed COVID-19 test results for thousands of patients. READ MORE...

Users can be manipulated to share private information online

Online users are more likely to reveal private information based on how website forms are structured to elicit data, Ben-Gurion University of the Negev (BGU) researchers have determined. "The objective was to demonstrate that we are able to cause smartphone and PC users of online services to disclose more information by measuring the likelihood that they sign-up for a service simply by manipulating the way information items (name, address, email) were presented," says Prof. READ MORE...

Hackers Exploiting Recently Disclosed Zyxel Vulnerability

Security researchers have observed the first attempts to compromise Zyxel devices using a recently disclosed vulnerability related to the existence of hardcoded credentials. The attacks, currently small in numbers, target CVE-2020-29583, a vulnerability affecting several Zyxel firewalls and WLAN controllers that was publicly disclosed at the end of December. Firmware updates that remove the bug are already available for some of the affected products, but attackers are seizing the moment. READ MORE...

Ransomware Attacks Linked to Chinese Cyberspies

China-linked cyber-espionage group APT27 is believed to have orchestrated recent ransomware attacks, including one where a legitimate Windows tool was used to encrypt the victim's files. Active since at least 2010 and tracked by different security firms as Emissary Panda, TG-3390, Iron Tiger, Bronze Union, and Lucky Mouse, APT27 is known for cyber-espionage campaigns targeting hundreds of organizations around the world. READ MORE...

  • ...in 1914, "Adventures of Superman" actor George Reeves is born in Woolstock, IA.
  • ...in 1932, philosopher and author Umberto Eco ("The Name of the Rose", "Foucault's Pendulum") is born in Piedmont, Italy.
  • ...in 1933, construction on the Golden Gate Bridge begins.
  • ...in 1941, Academy Award-winning animation director Hayao Miyazaki ("Spirited Away", "My Neighbor Totoro") is born in Tokyo, Japan.