
IT Security Newsletter - 01/12/2021


Breaches

US Capitol Attack a Wake-up Call for the Integration of Physical & IT Security

One of the harrowing images to come out of Wednesday's attack on the US Capitol was a photo posted by a rioter of an open laptop on a desk in US House Speaker Nancy Pelosi's office. The screen was visible and apparently unlocked, with a warning in a black box that read, "Capitol: Internet Security Threat: Police Activity." While it remains unclear whether the laptop allegedly stolen from Pelosi's office during the attack on the Capitol is the same one that was photographed in an unlocked state. READ MORE...


Ubiquiti Tells Users to Change Passwords After Breach at Cloud Provider

American technology company Ubiquiti this week revealed that one of its third-party cloud providers suffered a data breach. Founded in 2005, the New York City-based company manufactures wired and wireless data communication products for both corporate and home users, including routers, security cameras, network video recorders, and other Internet of Things devices. "We recently became aware of unauthorized access to certain of our information technology systems hosted by a third party cloud provider." READ MORE...

Hacking

Kaspersky discovers overlap between SolarWinds hack, Turla

Security researchers on Monday linked the SolarWinds breach to a different set of suspected Russian hacking tools, finding commonalities between that attack and the methods of the Turla group. Moscow-based Kaspersky said the source code for Sunburst, one of the nicknames for the malware that attackers used in the SolarWinds hack, overlapped with the Kazuar backdoor that Turla has deployed in the past. The Turla group is known for stalking embassies and ministries of foreign affairs in Europe. READ MORE...


SolarWinds details stealthy code used to launch hacking campaign

SolarWinds, the federal contractor at the center of a sweeping suspected Russian hacking campaign, on Monday identified malicious code the company says attackers used to manipulate its software and remain undetected for months. The code was designed to inject another piece of custom malicious software into Orion, the SolarWinds software used by numerous Fortune 500 companies and federal agencies, "without arousing the suspicion of our software development and build teams." READ MORE...

Malware

Electricity and CRISPR used to write data to bacterial DNA

In recent years, researchers have used DNA to encode everything from an operating system to malware. Rather than being a technological curiosity, these efforts were serious attempts to take advantage of DNA's properties for long-term storage of data. DNA can remain chemically stable for hundreds of thousands of years, and we're unlikely to lose the technology to read it, something you can't say about things like ZIP drives and MO disks. READ MORE...


New Tool Sheds Light on AppleScript-Obfuscated Malware

The AEVT decompiler helped researchers analyze a cryptominer campaign that used AppleScript for obfuscation and will help reverse engineers focused on other Mac OS malware. An effort to reverse-engineer malicious AppleScript has led to the creation of a tool to analyze run-only malware targeting the Mac operating system, undermining a common attacker approach to obfuscating code on the platform. Cybersecurity firm SentinelOne created the tool, known as the Apple Event (AEVT) decompiler. READ MORE...

Exploits/Vulnerabilities

Typeform fixes Zendesk Sell form data hijacking vulnerability

Typeform, a software-as-a-service provider of online surveys and form building, has patched an information hijacking vulnerability. The flaw, which existed in Typeform's Zendesk Sell app integration, could let attackers quietly redirect form submissions with potentially sensitive data to themselves. Online survey and form creation tool Typeform lets users create webpages for easy data collection from users. Every such form created on the platform has a unique "form ID," such as hHXhmf. READ MORE...

Encryption

DarkSide ransomware decryptor recovers victims' files for free

Romanian cybersecurity firm Bitdefender has released a free decryptor for the DarkSide ransomware to allow victims to recover their files without paying a ransom. DarkSide is a human-operated ransomware that has already earned millions in payouts since it started targeting enterprises in August 2020. The operation has seen a spike in activity between October and December 2020 when the amount of DarkSide sample submissions on the ID-Ransomware platform more than quadrupled. READ MORE...

On This Date

  • ...in 1921, in reaction to the "Black Sox" scandal, Major League Baseball team owners elect Kenesaw Mountain Landis as the league's first commissioner.
  • ...in 1944, professional boxer and former heavyweight champion Joe Frazier is born in Beaufort, SC.
  • ...in 1965, hard rock musician and filmmaker Robert Bartleh Cummings, AKA Rob Zombie, is born in Haverhill, MA.
  • ...in 1971, the controversial TV sitcom "All in the Family" debuts on CBS.