IT Security Newsletter - 01/06/2021
Vodafone's ho. Mobile admits data breach, 2.5m users impacted
Vodafone Group's low-cost operator ho. Mobile announced that hackers stole part of its customer database thus obtaining personal user information and SIM technical data. The stolen database, offered for sale on dark web forums since December 22, has been partially verified and includes sufficient details to carry out SIM-swap attacks, putting at risk about 2.5 million subscribers. News of the database being peddled on a hacker forum emerged on December 28 from researcher Bank Security. READ MORE...
Feds Pinpoint Russia as 'Likely' Culprit Behind SolarWinds Attack
The U.S. government has identified Russia as the "likely" culprit behind the widespread SolarWinds cyberattack that has so far affected multiple federal agencies and private-sector companies. Cyberespionage is cited as the motivation behind the attack, which the feds characterized as ongoing. In a rare joint statement by the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), the Office of the Director of National Intelligence (ODNI) and the National Security Agency (NSA). READ MORE...
Telegram feature exposes your precise address to hackers
If you're using an Android device, or in some cases an iPhone, the Telegram messenger app makes it easy for hackers to find your precise location when you enable a feature that allows users who are geographically close to you to connect. The researcher who discovered the disclosure vulnerability and privately reported it to Telegram developers said they have no plans to fix it. The problem stems from a feature called People Nearby. By default, it's turned off. READ MORE...
North Korean software supply chain attack targets stock investors
North Korean hacking group Thallium aka APT37 has targeted users of a private stock investment messenger service in a software supply chain attack, according to a report published this week. Up until now, the group mainly relied on phishing attacks, such as via Microsoft Office documents, to target its victims. Thallium is now leveraging multiple ways, such as shipping tainted Windows installers and macro-laden Office documents to prey on investors. READ MORE...
Australian cybersecurity agency used as cover in malware campaign
The Australian government warns of an ongoing campaign impersonating the Australian Cyber Security Centre (ACSC) to infect targets with malware. Scammers coordinating these attacks are also actively attempting to convince potential victims to install remote administration and desktop sharing software with the end goal of stealing the targets' banking information. "The Australian Cyber Security Centre (ACSC) warns some Australians are receiving phone calls or emails from scammers [...]" READ MORE...
Cross-platform ElectroRAT malware drains cryptocurrency wallets
Security researchers have discovered a new remote access trojan (RAT) used to empty the cryptocurrency wallets of thousands of Windows, Linux, and macOS users. Named ElectroRAT after being discovered in December, the cross-platform RAT malware is written in Golang and it was used as part of a campaign that has been targeting cryptocurrency users since the start of 2020. The attackers behind the ElectroRAT operation created and injected their RAT into custom Electron. READ MORE...
U.S. Government Announces 'Hack the Army 3.0' Bug Bounty Program
The U.S. government on Wednesday announced the launch of another bug bounty program conducted in collaboration with hacker-powered cybersecurity platform HackerOne. Hack the Army 3.0, whose goal is to help the U.S. Army secure its digital assets and protect its systems against cyberattacks, takes place between January 6 and February 17, and it's open to both military and civilian white hat hackers. However, only civilians are eligible for financial rewards if they find vulnerabilities. READ MORE...
One month after ransomware attack, Metro Vancouver's transit system still not up to speed
According to media reports, TransLink, Metro Vancouver's public transportation agency, has warned its staff that hackers accessed their personal bank account details and other information. The warning came in an internal email to workers approximately one month after TransLink was struck by the Egregor ransomware and passengers had their journeys disrupted. The email, seen by Global News, advised staff that the hackers had "accessed and may have copied files from a restricted network drive". READ MORE...
How to Protect Your Organization's Digital Footprint
In today's ecosystem, security teams must expedite digital transformation initiatives to ensure collaboration and productivity among remote employees while continuing to service clients. Correspondingly, the digital risk landscape continues to evolve rapidly, making it difficult for businesses to monitor external, unregulated channels for risks that affect their business, employees, or customers. READ MORE...
6 Open Source Tools for Your Security Team
Open source tools are a fact of life in application development. A growing number of open source security tools makes the noncommercial license a realistic option for more security teams. Traditionally, open source tools have been viewed as options for academic institutions and smaller companies. But current-generation open source tools, developed with an emphasis on scale and deployment flexibility, have been developed with larger enterprises in mind. READ MORE...
- ...in 1838, Samuel Morse first demonstrates the telegraph.
- ...in 1907, Maria Montessori opens her first school and daycare center in Rome, Italy.
- ...in 1912, German geophysicist Alfred Wegener first presents his theory of continental drift at a lecture in Frankfurt.
- ...in 1936, Porky Pig makes his world debut in a Warner Brothers cartoon, "Gold Diggers of '49."