IT Security Newsletter - 02/12/2021
After hackers blackmailed their clients, Finnish therapy firm declares bankruptcy
Highly sensitive notes from therapy sessions were published online in an attempt to blackmail patients. Hackers bragged about the poor state of the firm's security. Vastaamo, the Finnish psychotherapy practice that covered up a horrific security breach which resulted in patients receiving blackmail threats, has declared itself bankrupt. Vastaamo's problems first began in 2018, when it discovered that a database of customer details and - most shockingly - READ MORE...
Ukrainian gets US prison term in decade-old cybercrime, money-laundering case
In a case that stretches back to a much simpler era for cybercrime, a Ukrainian man was sentenced Thursday to more than seven years in prison after pleading guilty to helping launder money for Eastern Europeans who hacked into U.S. bank accounts. The U.S. Department of Justice said Aleksandr Musienko, 38, agreed to an 87-month prison term and $98,751.64 in restitution under the plea deal. READ MORE...
Food-delivery fraudsters deploy hacked accounts, stolen credit card info to skim from orders
Food delivery apps have taken off during the pandemic, and it looks like fraudsters have taken notice. Fraud detection company Sift said Thursday it has seen a rash of scams within the chat app Telegram that target restaurants and delivery apps for theft. It's a low-level grift that goes like this: The fraudsters advertise in Telegram forums that they can illicitly buy food orders at steep discounts, around 60%-75% off. READ MORE...
Microsoft warns of an increasing number of web shell attacks
Microsoft says that the number of monthly web shell attacks has almost doubled since last year, with an average of 140,000 such malicious tools being found on compromised servers every month. Web shells are tools (scripts or programs) that threat actors deploy on hacked servers to gain and/or maintain access, as well as to remotely execute arbitrary code or commands, to move laterally within the network, or to deliver additional malicious payloads. READ MORE...
Apple iOS 14.5 will hide Safari users' IP addresses from Google's Safe Browsing
Another privacy improvement from Cupertino, just a small one. Apple's forthcoming iOS 14.5 release, currently in beta, will conceal the IP address of Safari web surfers from Google's Safe Browsing service, integrated into Safari to spot fraudulent websites. On Wednesday, Maciej Stachowiak, head of WebKit engineering at Apple, confirmed the change via Twitter, stating that "in the new iOS beta, Safari does indeed proxy the service via Apple servers to limit the risk of information leak." READ MORE...
Proofpoint sues Facebook over dummy sites used for anti-phishing training
Proofpoint has filed a lawsuit against Facebook arguing that it should be allowed to use domains that imitate the Facebook and Instagram brands to test customers' ability to avoid online scams. Cybercriminals often imitate popular brands' sites, including Facebook and Instagram, to dupe unsuspecting users, then pilfer their credentials or distribute malware. Proofpoint is one of several security companies that provides customers with phishing training. READ MORE...
Pre-Valentine's Day Malware Attack Mimics Flower, Lingerie Stores
Emails pretending to confirm hefty orders from lingerie shop Ajour Lingerie and flower store Rose World are actually spreading the BazaLoader malware. With Valentine's Day approaching this weekend, several people have received "recent order" email confirmations for flowers or lingerie. These emails are actually part of a spear-phishing attack, which ultimately leads recipients to a malicious document that executes the BazaLoader malware. READ MORE...
Accellion to retire enterprise file-sharing product targeted in recent attacks
U.S.-based cloud solutions company Accellion will soon retire FTA, its legacy enterprise file-sharing solution, vulnerabilities in which have recently been exploited by attackers to breach a variety of organizations, including the Australian Securities and Investments Commission, the Washington State Auditor Office, and Singapore telecom Singtel. Accellion FTA (File Transfer Appliance) is a file-sharing product that allows organizations to "transfer large and sensitive files [...]" READ MORE...
Singtel, QIMR Berghofer report Accellion-related data breaches
Singtel and the QIMR Berghofer Medical Research Institute are the latest companies to disclose data breaches caused by a vulnerability in the Accellion FTA secure file transfer software. Accellion is a developer of secure file transfer products that allow organizations to transfer sensitive files with people outside of their organization. In mid-December, Accellion announced that they became aware of an actively exploited zero-day vulnerability in their FTA secure file transfer product. READ MORE...
Avaddon ransomware fixes flaw allowing free decryption
The Avaddon ransomware gang has fixed a bug that let victims recover their files without paying the ransom. The flaw came to light after a security researcher exploited it to create a decryptor. On Tuesday, Javier Yuste, a Ph.D. student at Rey Juan Carlos University, published a decryptor for the Avaddon Ransomware on his GitHub page and released a report describing the flaw through ArXiv. READ MORE...
Fauci: Vaccines for first-graders could be authorized by September
Children as young as first-graders may be able to get the coronavirus vaccine by the time school starts in September, presuming trials are successful in those age groups, Dr. Anthony Fauci, director of the National Institute of Allergy and Infectious Diseases, said in an interview with ProPublica. "We're in the process of starting clinical trials in what we call age de-escalation, where you do a clinical trial with people 16 to 12, then 12 to 9, then 9 to 6," Fauci said. READ MORE...
- ...in 1809, Abraham Lincoln is born in a log cabin near Hodgenville, KY.
- ...in 1809, English naturalist Charles Darwin, who first proposed that living species are descended over time from common ancestors, is born in Kent, England.
- ...in 1912, China becomes a republic following the overthrow of the Manchu dynasty.
- ...in 1980, the Lake Placid Winter Olympics open in New York.