IT Security Newsletter - 02/10/2021
Antivirus Firm Emsisoft Discloses Data Breach
Antivirus solutions provider Emsisoft revealed last week that a third party had accessed a publicly exposed database containing technical logs. The issue, Emsisoft said, was a misconfiguration that resulted in a database from a test system becoming exposed to the Internet. The database was initially exposed on January 18, 2021, and remained so until the data breach was identified, on February 3. The affected system was used for evaluation and benchmarking of the storage and management of log data. READ MORE...
Supply-Chain Hack Breaches 35 Companies, Including PayPal, Microsoft, Apple
An ethical hacker has demonstrated a novel supply-chain attack that breached the systems of more than 35 technology players, including Microsoft, Apple, PayPal, Shopify, Netflix, Tesla and Uber, by exploiting public, open-source developer tools. The attack, devised by security researcher Alex Birsan, injects malicious code into common tools for installing dependencies in developer projects which typically use public depositories from sites like GitHub. READ MORE...
Cyberpunk 2077 developer hit with ransomware attack
Cyberpunk 2077 developer CD Projekt Red announced that it has "become the victim of a targeted cyberattack" that allegedly exposed the source code for many of its games. In a message the developer shared on Twitter Tuesday morning, the hackers allege that they stole the closely guarded source code for Cyberpunk 2077, Gwent, and The Witcher 3 (including an unreleased prototype of the last). Documents "relating to accounting, administration, legal, HR, investors relations and more." READ MORE...
HelloKitty ransomware behind CD Projekt Red cyberattack, data theft
The ransomware attack against CD Projekt Red was conducted by a ransomware group that goes by the name 'HelloKitty,' and yes, that's the name the threat actors utilize. Today, CD Projekt disclosed that they were the target of a ransomware attack that encrypted devices on their network and led to the theft of unencrypted files. "Yesterday we discovered that we have become a victim of a targeted cyber attack, due to which some of our internal systems have been compromised. READ MORE...
New hacking tool targeting Bangladesh Android users blurs lines between spying and stealing
In one of his regular sweeps for new malicious software targeting Android phones, security researcher Vitor Ventura came across what looked like a run-of-the-mill hacking tool. Like so many pieces of code before it, the malware was capable of stealing information from a mobile device and sending it back to a command and control server. But when Ventura dug deeper, he found that the remote access trojan (or RAT as the tool is commonly known) was capable of surreptitiously recording conversations. READ MORE...
42% of Gmail scams targeted American users, Google finds
Who you are, where you are and how you experience online life are all major factors in whether you're targeted for phishing and malware campaigns on Gmail, a joint Stanford University-Google study concluded. The examination of 1.2 billion email-based phishing and malware attacks against Gmail users found that the risk of getting hit correlated at least in some significant measure to age, country, frequency of Gmail usage and past breach exposure. Users in the U.S. were most frequently targeted. READ MORE...
Vulnerabilities in NextGEN Gallery Plugin Exposed Many WordPress Sites to Takeover
Two severe vulnerabilities in the NextGEN Gallery WordPress plugin could have exposed more than 800,000 websites to complete takeover, WordPress security company Defiant reported on Monday. Available for more than a decade, the plugin provides users with a broad range of gallery management capabilities, such as batch upload of photos, metadata import, thumbnail editing, photo and gallery management, and more. READ MORE...
Microsoft fixes Windows 10 bug letting attackers trigger BSOD crashes
Microsoft has fixed a bug that could allow a threat actor to create specially crafted downloads that crash Windows 10 simply by opening the folder where they are downloaded. Last month, we reported on a bug in the Windows 10 console multiplexer driver, condrv.sys, that caused a blue screen of death crash (BSOD) when attempting to connect to the following path. When connecting to the device, developers are meant to pass the 'attach' extended attribute. READ MORE...
- ...in 1893, musician and comedian Jimmy Durante, known for his gravelly voice and distinctive "Schnozzola", is born in Manhattan, NY. Ha-cha-cha-cha!
- ...in 1929, film and television composer Jerry Goldsmith ("Star Trek: The Motion Picture", "Patton", "Planet of the Apes") is born in Los Angeles, CA.
- ...in 1942, RCA Victor awards bandleader Glenn Miller the first gold record, for his orchestra's recording of "Chattanooga Choo Choo".
- ...in 1996, IBM supercomputer Deep Blue beats chess grandmaster Garry Kasparov, becoming the first AI to best a human world champion.