<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 01/28/2021

SHARE

Breaches

Stack Overflow 2019 hack was guided by advice from none other than... Stack Overflow

Developer site Stack Overflow has published details of a breach dating back to May 2019, finding evidence that an intruder in its systems made extensive use of Stack Overflow itself to determine how to make the next move. At the time, the company reported that an unauthorised person had logged into its development system and escalated their access to the production version of stackoverflow.com. The source code for the site as well as the names, IP addresses and email addresses of 184 users was stolen. READ MORE...

Hacking

US charges NetWalker ransomware affiliate, seizes ransom payments

The U.S. Justice Department announced today the disruption of the Netwalker ransomware operation and the indictment of a Canadian national for alleged involvement in the file-encrypting extortion attacks. Earlier today, BleepingComputer reported that law enforcement in the U.S. and Bulgaria seized Netwalker sites on the dark web used for leaking data from non-paying victims and for negotiating payments for data decryption. READ MORE...

Software Updates

Apple to Crack Down on Tracking iPhone Users in Early Spring

Apple says it will roll out a new privacy control in the spring to prevent iPhone apps from secretly shadowing people. The delay in its anticipated rollout aims to placate Facebook and other digital services that depend on such data surveillance to help sell ads. After delaying the planned September introduction of the safeguard amid a Facebook-led outcry, Apple had previously said it would come out early this year. Apple released the latest update as part of Data Privacy Day. READ MORE...

Malware

Wormable Android malware spreads via WhatsApp messages

Android users should watch out for new wormable malware that spreads through WhatsApp and lures the prospective victims into downloading an app from a website masquerading as Google Play. ESET malware researcher Lukas Stefanko looked under the hood of this Android nasty. "This malware spreads via the victim's WhatsApp, automatically replying to any WhatsApp message notification with a link to a fake and malicious Huawei Mobile app," said Stefanko. READ MORE...


TeamTNT Cloaks Malware With Open-Source Tool

The TeamTNT threat group has added a new detection-evasion tool to its arsenal, helping its cryptomining malware skirt by defense teams. The TeamTNT cybercrime group is known for cloud-based attacks, including targeting Amazon Web Services (AWS) credentials in order to break into the cloud and use it to mine for the Monero cryptocurrency. It has also previously targeted Docker and Kubernetes cloud instances. The new detection-evasion tool, libprocesshider, is copied from open-source repositories. READ MORE...

Information Security

US arrests Twitter troll accused of spreading election disinformation in 2016

U.S. law enforcement officials say they've arrested an infamous far-right troll for allegedly using social media to spread disinformation in support of Donald Trump in the 2016 election. Douglass Mackey, a 31-year-old Florida man, is accused of using Twitter and other platforms to disenfranchise voters by encouraging them to vote via text or social media, which are invalid voting methods. Law enforcement officials arrested Mackey, who was better known as Ricky Vaughn on social media. READ MORE...

Encryption

ProtonMail, Tutanota among authors of letter urging EU to reconsider encryption rules

Encrypted service providers are urging lawmakers to back away from a controversial plan that critics say would undercut effective data protection measures. ProtonMail, Threema, Tresorit and Tutanota - all European companies that offer some form of encrypted services - issued a joint statement this week declaring that a resolution the European Council adopted on Dec. 14 is ill-advised. That measure calls for "security through encryption and security despite encryption." READ MORE...

Science & Culture

Verizon Fios fiber cut causes Internet outage in Northeastern US

Verizon Fios is experiencing an Internet outage making it impossible to access many websites after a fiber connection was cut in Brooklyn. Starting at approximately 11:00 AM EST, Verizon Fios users found they were no longer able to access popular services, such as Google, Slack, Microsoft Teams, Azure, and even Verizon's own website and My verizon app to check for known outages. According to DownDetector, the outage is affecting locations in the northeast of the United States. READ MORE...

On This Date

  • ...in 1936, actor/director Alan Alda ("M*A*S*H", "The West Wing") is born in New York City.
  • ...in 1956, Elvis Presley makes his first US television appearance on the Dorsey Brothers' "Stage Show" at the age of 21.
  • ...in 1958, the Lego company patents its toy building bricks. The original Lego set is still compatible with the bricks produced today.
  • ...in 1959, Vince Lombardi is hired as head coach of the Green Bay Packers.