IT Security Newsletter

IT Security Newsletter - 02/18/2021

Written by Cadre | Thu, Feb 18, 2021

Rising healthcare breaches driven by hacking and unsecured servers

2020 was a bad year for healthcare organizations in the U.S., which had to deal with a record-high number of cybersecurity incidents on the backdrop of the COVID-19 pandemic. Hacking and IT incidents affected the industry to a larger extent last year, accounting for more than 67% of all breaches and exposed the personal data of tens of millions of individuals. Highest breach count. READ MORE...

Yandex sysadmin caught selling access to email accounts

Yandex, a European multinational technology firm best known for being the most-used search engine in Russia, has revealed it had a security breach, leading to the compromise of almost 5,000 Yandex email accounts. The company says it spotted the breach after a routine check by its security team. They found that one of their system administrators with access to customer accounts was allowing third-parties to see some of these accounts "for personal gain". READ MORE...

France to Boost Cyberdefense After Hospital Malware Attacks

French President Emmanuel Macron on Thursday unveiled a plan to better arm public facilities and private companies against cybercriminals following ransomware attacks at two hospitals this month and an upsurge of similar cyber assaults in France. The attacks at the hospitals in Dax and Villefranche-sur-Saone prompted the transfer of some patients to other facilities as the French health care system is under pressure from the coronavirus pandemic. READ MORE...

Russian Sandworm hackers only hit orgs with old Centreon software

Centreon, the maker of the IT monitoring software exploited by Russian state hackers to infiltrate French companies' networks, said today that only organizations using obsolete software were compromised. Today's Centreon press release comes after a report released on Monday by ANSSI, the French national cyber-security agency, describing a series of attacks that resulted in multiple French IT providers getting breached over four years. ANSSI said that the first victim was compromised in late 2017. READ MORE...

Phishers tricking users via fake LinkedIn Private Shared Document

Phishers are trying to trick users into opening a "LinkedIn Private Shared Document" and entering their login credentials into a fake LinkedIn login page, security researcher JB Bowers warns. The phishing attack: The phishing message is delivered via LinkedIn's internal messaging system and looks like it has been sent by one of the victim's contacts. The message urges the recipient to follow a third-party link to view a document. READ MORE...

Mac Malware Targeting Apple's M1 Chip Emerges

A researcher has spotted the first piece of Mac malware that appears to have been created specifically for devices with Apple's recently introduced M1 chip. The malware was discovered by Patrick Wardle, a cybersecurity researcher who specializes in Apple products. Wardle has developed several free and open source security tools for Macs, and came up with the idea to look for malware designed to run natively on M1 systems while rebuilding his tools for native M1 compatibility. READ MORE...

US charges North Koreans in relation to global cyber attacks

The United States Department of Justice has charged three North Korean computer programmers with a range of cyber attacks that made headlines around the world. The men - 31-year-old Jon Chang Hyok, Kim Il, 27, and 36-year-old Park Jin Hyok - are alleged to have been part of North Korea's Reconnaissance General Bureau (RGB), known commonly as the "Lazarus Group" or "APT38", tasked with criminal hacking operations. READ MORE...

White House warns SolarWinds breach cleanup will take time

The White House has a message for America: it's going to take a long time to sort through the fallout from the massive espionage operation spurred on by the SolarWinds breach uncovered late last year. Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger stressed during a White House briefing Wednesday that the way the suspected Russian hackers infiltrated a SolarWinds network management software update with malicious code. READ MORE...

Nigerian man sentenced 10 years for $11 million phishing scam

A Nigerian national, Obinwanne Okeke, has been sentenced to 10 years in prison for allegedly coordinating an international spearphishing campaign that has cost victims approximately $11 million in losses. The scheme, which lasted from 2015 to 2019, targeted Unatrac Holding Limited, a British firm that acted as the export sales office for Caterpillar, with fake invoices and wire transfer requests. The FBI opened an investigation into the alleged scam in 2018. READ MORE...

Clubhouse under scrutiny for sending data to Chinese servers

The audio-chat app Clubhouse is the latest rage in the social media landscape. What makes it so popular and, now it's part of the social media landscape, can we trust it? The Clubhouse app: Clubhouse was launched about a year ago and was initially only used by Silicon Valley's rich and famous. It is different from other social media in that it focuses on the spoken word. Clubhouse members can enter virtual rooms to listen in or participate in live conversations. READ MORE...

  • ...in 1745, Italian physicist Alessandro Volta, the inventor of the electric battery, is born in Milan.
  • ...in 1885, Mark Twain's "The Adventures of Huckleberry Finn" is first published in the United States.
  • ...in 1930, astronomer Clyde Tombaugh discovers the dwarf planet Pluto while studying photographs taken at Arizona's Lowell Observatory.
  • ...in 1977, the Space Shuttle Enterprise takes its first test "flight", attached to the top of a Boeing 747.