IT Security Newsletter - 02/22/2021
Worldwide Accellion data breaches linked to Clop ransomware gang
Threat actors associated with financially-motivated hacker groups combined multiple zero-day vulnerabilities and a new web shell to breach up to 100 companies using Accellion's legacy File Transfer Appliance and steal sensitive files. The attacks occurred in mid-December 2020 and involved the Clop ransomware gang and the FIN11 threat group. Unlike previous attacks by these groups, the Clop file-encrypting malware was not deployed.
Lakehead University shuts down campus network after cyberattack
Canadian undergraduate research university Lakehead has been dealing with a cyberattack that forced the institution earlier this week to cut off access to its servers. The school's services, including its website, have been down since Tuesday, with personnel shutting down computers on the Thunder Bay and Orillia campuses to stop the attack from spreading. In a communication on Thursday, Lakehead University provided some details about the attack saying that it was aimed at its file share servers.
Malformed URL Prefix Phishing Attacks Spike 6,000%
Sneaky attackers are flipping backslashes in phishing email URLs to evade protections, researchers said. Researchers from GreatHorn report they have observed a nearly 6,000-percent jump in attacks using "malformed URL prefixes" to evade protections and deliver phishing emails that look legit. They look legit, that is, unless you look closely at the symbols used in the prefix before the URL. "The URLs are malformed, not utilizing the normal URL protocols, such as http:// or https://."
New malware found on 30,000 Macs has security pros stumped
A previously undetected piece of malware found on almost 30,000 Macs worldwide is generating intrigue in security circles, and security researchers are still trying to understand precisely what it does and what purpose its self-destruct capability serves. Once an hour, infected Macs check a control server to see if there are any new commands the malware should run or binaries to execute. So far, however, researchers have yet to observe delivery of any payload on any of the infected 30,000 machines.
Credential-Stuffing Attack Targets Regional Internet Registry
RIPE NCC, the regional Internet registry for Europe, West Asia, and the former Soviet Union, said attackers attempted a credential-stuffing attack against its single sign-on service. Regional internet registry RIPE NCC is warning of a credential-stuffing attack against its single sign-on service, RIPE NCC Access, and is encouraging users to implement two-factor authentication (2FA).
Suspected Russian Hack Fuels New US Action on Cybersecurity
Jolted by a sweeping hack that may have revealed government and corporate secrets to Russia, U.S. officials are scrambling to reinforce the nation's cyber defenses and recognizing that an agency created two years ago to protect America's networks and infrastructure lacks the money, tools and authority to counter such sophisticated threats. The breach, which hijacked widely used software from Texas-based SolarWinds Inc., has exposed the profound vulnerability of civilian government networks.
- ...in 1732, American general and first President of the United States George Washington is born in Virginia.
- ...in 1918, TV and radio announcer Don Pardo, who lent his voice to 39 seasons of "Saturday Night Live", is born in Westfield, MA.
- ...in 1924, Calvin Coolidge becomes the first US President to deliver a radio address from the White House.
- ...in 1959, TV and film actor Kyle MacLachlan ("Twin Peaks", "Portlandia") is born in Yakima, WA.
- ...in 1997, Scottish scientists announce the first successful cloning of a mammal from an adult cell, a sheep named Dolly.