IT Security Newsletter - 02/19/2021
US cities disclose data breaches after vendor's ransomware attack
A ransomware attack against the widely used payment processor AFTS has sparked data breach notifications from numerous cities and agencies within California and Washington. Automatic Funds Transfer Services (AFTS) is used by many cities and agencies in Washington and other US states as a payment processor and address verification service. As the data used for billing and verifying customers and residents is wide and varied, this attack could have a massive and widespread impact.
After IT Outage, Carmakers Kia and Hyundai Say No Evidence of Ransomware Attack
Carmakers Kia and Hyundai, both owned by the South Korea-based Hyundai Motor Group, said they had found no evidence that the outages they suffered in the past week in the United States were the result of a ransomware attack. Kia Motors America was the first to notify customers via its website that it had been experiencing an IT service outage impacting some of its systems, including internal, customer and dealer systems. Hyundai Motor America later also confirmed some disruptions.
Microsoft: Solorigate attackers grabbed Azure, Intune, Exchange component source code
Microsoft has completed its internal investigation into the Solorigate (SolarWinds) security incident, and has discovered that the attackers were very interested in the code of various Microsoft solutions. The attackers viewed some files here and there, but they also managed to download source code from a "small number of repositories," and this includes the code for some important Microsoft Azure components. What did the attackers do, and what did they not do?
FBI: Telephony denial-of-service attacks can lead to loss of lives
The Federal Bureau of Investigation (FBI) has warned of the harsh consequences of telephony denial-of-service (TDoS) attacks and has also provided the steps needed to mitigate their impact. The FBI published this warning on Wednesday as an IC3 public service announcement and as a Private Industry Notification issued to private sector organizations in coordination with DHS-CISA. TDoS attacks are manual or automated malicious attempts to render telephone systems unavailable.
RIPE NCC Internet Registry discloses SSO credential stuffing attack
RIPE NCC is warning members that they suffered a credential stuffing attack attempting to gain access to single sign-on (SSO) accounts. RIPE NCC is a not-for-profit regional Internet registry for Europe, the Middle East, and parts of Central Asia. It is responsible for allocating blocks of IP addresses to Internet providers, hosting providers, and organizations in the EMEA region. Membership includes over 20,000 organizations from over 75 countries who act as Local Internet Registries.
Protecting Against Vaccine-Themed Attacks and Misinformation
Just before Christmas, the British Government became the first to approve a COVID-19 vaccine. Since that announcement, not only have several other vaccines been regulated for use, but the worldwide rollout is gaining momentum with other countries approving and accelerating populous vaccination programs. Now that we can see a proactive rollout of the vaccine, hope has sparked amongst frontline workers, at-risk individuals and members of the public.
Mac Malware Targets Apple's In-House M1 Processor
A malicious adware-distributing application specifically targets Apple's new M1 SoC, used in its newest-generation MacBook Air, MacBook Pro and Mac mini devices. Three months after Apple launched its new M1 system-on-a-chip (SoC), cybercriminals have developed what may be the first malicious macOS application targeting the mobile giant's first in-house silicon. The recently uncovered malicious application, called GoSearch22, natively runs on M1.
New browser-tracking hack works even when you flush caches or go incognito
The prospect of Web users being tracked by the sites they visit has prompted several countermeasures over the years, including using Privacy Badger or an alternate anti-tracking extension, enabling private or incognito browsing sessions, or clearing cookies. Now, websites have a new way to defeat all three. The technique leverages the use of favicons, the tiny icons that websites display in users' browser tabs and bookmark lists.
Exploit Details Emerge for Unpatched Microsoft Bug
A malicious website or malicious ad can trigger an exploit for the IE zero-day bug, opening the door for data theft and code execution, new analysis notes. New details have emerged about an unpatched security vulnerability in Microsoft's Internet Explorer that was recently used in a complex campaign against security researchers. A fresh analysis from 0patch offers further insight into where the bug exists and how it can be triggered in real-world attacks - notably, by just visiting a website.
- ...in 1807, former Vice President of the United States Aaron Burr is arrested for treason, after attempting to form his own country from part of the Louisiana Purchase.
- ...in 1878, Thomas Edison patents the first phonograph, which used a wax cylinder as a recording medium.
- ...in 1924, actor Lee Marvin ("The Dirty Dozen", "Cat Ballou") is born in New York City.
- ...in 1943, author and former NASA engineer Homer Hickam, known for his memoir "Rocket Boys", is born in Coalwood, WV.