
IT Security Newsletter - 02/11/2021


Breaches

Hackers ask only $1,500 for access to breached company networks

The number of offers for network access and their median prices on the public posts on hacker forums dropped in the final quarter of last year but the statistics fail to reflect the real size of the initial access market. Data from threat intelligence firm Kela indicates that many of the deals actually closed behind closed doors, a trend shaped over the past months. According to the company, over 240 offers to sell initial network access occurred in public conversations. READ MORE...

Hacking

French MNH health insurance company hit by RansomExx ransomware

French health insurance company Mutuelle Nationale des Hospitaliers (MNH) has suffered a ransomware attack that has severely disrupted the company's operations, BleepingComputer has learned. MNH is the first mutual insurance company in France to provide health insurance services, and plans focused on the health sector. The company's website is used by members to generate insurance quotes or to manage services and benefits. READ MORE...


Authorities bust SIM-swap ring they say took millions from the rich and famous

Ten people have been arrested in connection with a series of SIM-swapping attacks that reaped more than $100 million by taking over the mobile phone accounts of high-profile individuals, authorities said on Wednesday. SIM-swapping is a crime that involves replacing a target's legitimate SIM card with one belonging to the attacker. The attacker then initiates password resets for accounts for email, cryptocurrency holdings, and other important resources. With control over the target's mobile phone. READ MORE...

Malware

TrickBot's BazarBackdoor malware is now coded in Nim to evade antivirus

TrickBot's stealthy BazarBackdoor malware has been rewritten in the Nim programming language, likely to evade detection by security software. The TrickBot cybercrime gang has been increasingly distributing their newer and stealthier BazarBackdoor malware through spam campaigns. Once a computer becomes infected, BazarBackdoor is used to provide the threat actors remote access to the computer to spread laterally throughout a network. READ MORE...


Pro-India hacking group expands mobile malware arsenal

A pro-India hacking group has been using two kinds of invasive Android surveillance software to spy on hundreds of victims' cell phones for years, according to Lookout research published Thursday. The malware, which the researchers have dubbed SunBird and Hornbill, are capable of exfiltrating several kinds of sensitive data, including text messages, call logs, contacts, the contents of encrypted messaging applications and target geolocation. The spyware also allows hackers to take pictures. READ MORE...

Information Security

People are often the collateral damage of attacks on corporations

Thanks to cyberattacks making regular headlines in the news, it's no secret that massive data breaches are a significant threat to organizations. However, a report from F-Secure highlights the rarely-discussed impact these attacks can have on people and families using online services. According to the report, nearly 3 out of every 10 respondents to the survey experienced some type of cybercrime (such as malware/virus infections, unauthorized access to email or social media accounts, etc.) READ MORE...

Exploits/Vulnerabilities

Mobile Health Apps Found to Expose Records of Millions of Users

An analysis of 30 popular mobile health (mHealth) applications has revealed that all of them expose the full patient records of millions of people. Research conducted by Alissa Knight, partner at marketing agency Knight Ink, on behalf of mobile API threat protection firm Approov showed that the applications are vulnerable to API attacks that unauthorized parties could leverage to access protected health information (PHI) and personally identifiable information (PII). READ MORE...


Vulnerabilities in widely used TCP/IP stacks open IoT, OT devices to attack

Forescout researchers have discovered nine vulnerabilities affecting nine different TCP/IP stacks widely used in IoT and OT devices. The vulnerabilities are due to weak Initial Sequence Number (ISN) generation, and could be exploited to mount limited DoS attacks against the vulnerable devices, to inject malicious data on a device, or to bypass authentication. The vulnerable TCP/IP stacks: "TCP is a connection-oriented networking protocol that allows two endpoints to exchange data." READ MORE...

On This Date

  • ...in 1847, engineer and businessman Thomas Edison, inventor of the light bulb, phonograph, and motion picture camera, is born in Milan, OH.
  • ...in 1936, actor/producer Burt Reynolds (Smokey and the Bandit, Deliverance) is born in Lansing, MI.
  • ...in 1990, activist Nelson Mandela is released from prison after 27 years as a political prisoner of South Africa's apartheid government.
  • ...in 2011, Egyptian president Hosni Mubarak resigns in the wake of 18 days of popular protests.