IT Security Newsletter - 02/24/2021

Breaches

NASA and the FAA were also breached by the SolarWinds hackers

NASA and the US Federal Aviation Administration (FAA) have also been compromised by the nation-state hackers behind the SolarWinds supply-chain attack, according to a Washington Post report. The two attacks are part of a broader espionage effort targeting and compromising multiple US government agencies over the last year. NASA (short for National Aeronautics and Space Administration) is an independent U.S. federal agency coordinating its civilian space program. READ MORE...


Plane-maker Bombardier discloses breach after stolen data surfaces

Hackers have exposed data about employees, customers and suppliers of Bombardier, a Canadian plane manufacturer, in what appears to be the latest ripple effect from a larger security incident humming through the private sector in North America. A forensic analysis revealed that "confidential" information originating at Bombardier was stolen in a recent incident, the company said Tuesday. The Montreal-based Bombardier, which reported $16 billion in revenue in 2018, did not specify exactly what happened. READ MORE...


Indian Railways suffers unspecified security 'breaches in various IT applications'

Indian Railways has revealed it has suffered "a number of incidents... regarding breaches in various IT applications" and appears to have blamed some of them on sloppy infosec practices among staff working from home due to the COVID-19 pandemic. The organisation's document [PDF] announcing the cyber-transgressions says "a majority of these are application related," but doesn't explain what applications were affected nor the extent of the intrusions. READ MORE...

Hacking

Vietnamese Hackers Target Human Rights Defenders: Amnesty

Between February 2018 and November 2020, Vietnam-linked hacking group Ocean Lotus targeted Vietnamese human rights activists in the country and abroad with spyware, a new report from Amnesty International reveals. Also referred to as APT32, APT-C-00, SeaLotus, and Cobalt Kitty, Ocean Lotus is a highly sophisticated group that has been active since at least 2012, mainly focused on media, human rights, and civil society organizations, but also targeting Vietnamese political dissidents. READ MORE...


Finnish IT Giant Hit with Ransomware Cyberattack

A major Finnish IT provider has been hit with a ransomware attack that has forced the company to turn off some services and infrastructure in a disruption to customers, while it takes recovery measures. Norwegian business journal E24 reported the attack on Espoo, Finland-based TietoEVRY on Tuesday, claiming to have spoken with Geir Remman, a communications director at the company. Remman acknowledged technical problems with several services that TietoEVRY provides to 25 customers. READ MORE...

Malware

LazyScripter hackers target airlines with remote access trojans

Security researchers analyzing multiple sets of malicious emails believe they uncovered activity belonging to a previously unidentified actor that fits the description of an advanced persistent threat (APT). The actor received the name LazyScripter and has been active since 2018, using phishing to target individuals seeking immigration to Canada for a job, airlines, and the International Air Transport Association (IATA). READ MORE...

Exploits/Vulnerabilities

Ukraine: DDoS attacks on govt sites originated from Russia

The National Security and Defense Council (NSDC) of Ukraine is accusing threat actors located on Russian networks of performing DDoS attacks on Ukrainian government websites since February 18th. The National Coordination Center for Cybersecurity (NCCC) at the NSDC states that these DDoS attacks have been massive and have targeted government websites in the defense and security sector. While Ukraine did not directly accuse Russia of the denial of service attacks. READ MORE...


Critical VMware vCenter Server Flaw Can Expose Organizations to Remote Attacks

VMware on Tuesday informed customers that its vCenter Server product is affected by a critical vulnerability that can be exploited by an attacker to execute commands with elevated privileges. vCenter Server is a management software designed to provide a centralized platform for controlling VMware vSphere environments. The critical vulnerability, discovered by Positive Technologies researcher Mikhail Klyuchnikov, impacts a vCenter Server plugin used by the vSphere Client. READ MORE...

Science & Culture

Report: Fry's Electronics going out of business, shutting down all stores

Fry's Electronics, the decades-old superstore chain with locations in nine American states, appears to have gone defunct. Bay Area TV station KRON-4 was the first press outlet to confirm the news late Tuesday, saying that Fry's will shut down all 30 of its American locations. The retailer will reportedly make an announcement at some time on Wednesday via the Fry's website. Rumors began flying on Tuesday in the form of anecdotes from alleged Fry's employees. READ MORE...

On This Date

  • ...in 1868, the US House of Representatives adopts 11 articles of impeachment against President Andrew Johnson, who was later acquitted in the Senate.
  • ...in 1921, actor Abe Vigoda ("The Godfather," "Barney Miller") is born in Brooklyn, NY.
  • ...in 1955, Apple Computer and Pixar co-founder Steve Jobs is born in San Francisco, CA.
  • ...in 1991, after six weeks of intensive bombing against Iraq and its armed forces, U.S.-led coalition forces launch a ground invasion of Kuwait and Iraq.