IT Security Newsletter - 02/26/2021
Npower scraps app, and urges customers to change passwords, after data breach
UK energy firm Npower has scrapped its smartphone app following an attack by hackers that saw some users' accounts accessed and personal information stolen. As first reported by MoneySavingExpert, accounts with the energy company were targeted by a credential-stuffing attack. Credential-stuffing attacks exploit the fact that many people choose passwords that they had previously used elsewhere on the internet. As I say over-and-over again, you should never reuse your passwords.
Microsoft shares tool to hunt for compromise in SolarWinds breach
Microsoft is offering up the tool it used to track down potential indicators of compromise in the sweeping SolarWinds breach, the company announced Thursday. Microsoft is releasing the so-called CodeQL queries it used to investigate its source code, in an effort to help other organizations mitigate the risk from the cascading cyber-espionage campaign involving a breach at the U.S. federal contractor SolarWinds. Microsoft is aiming to help firms pinpoint code-level indicators of compromise (IoCs).
Dutch Research Council (NWO) confirms ransomware attack, data leak
The recent cyberattack that forced the Dutch Research Council (NWO) to take its servers offline and suspend grant allocation processes was caused by the DoppelPaymer ransomware gang. The hackers gained access to NWO's network on February 8 and stole internal documents, threatening to leak them unless the organization paid a ransom. No dime for DoppelPaymer. Since NWO does not cooperate with cybercriminals, DoppelPaymer published proof of the stolen internal data on their leak site.
Malicious Mozilla Firefox Extension Allows Gmail Takeover
A newly uncovered cyberattack is taking control of victims' Gmail accounts, by using a customized, malicious Mozilla Firefox browser extension called FriarFox. Researchers say the threat campaign, observed in January and February, targeted Tibetan organizations and was tied to TA413, a known advanced persistent threat (APT) group that researchers believe to be aligned with the Chinese state. The group behind this attack aims to gather information on victims.
North Korean hackers target defense industry with custom malware
A North Korean-backed hacking group has targeted the defense industry with custom backdoor malware dubbed ThreatNeedle since early 2020 with the end goal of collecting highly sensitive information. This espionage campaign affected organizations from more than a dozen countries and was coordinated by DPRK-backed state hackers tracked as Lazarus Group. The attackers used COVID19-themed spear-phishing emails with malicious attachments or links.
Scammers, profiteers, and shady sites? It must be tax season
US tax season is upon us, a time of the year when a special kind of vermin comes crawling out of the woodwork: tax scammers! Not that their goals are any different from any other scammers. They want your hard-earned dollars in their pockets. Most of the tax-related attacks follow a few tried and true methods: A phishing email or scam call from someone purporting to be from the IRS, or an accountant offering to help you get a big refund.
Security, Privacy Issues Found in Tens of COVID-19 Contact Tracing Apps
An analysis of 40 COVID-19 contact tracing applications for Android has led to the discovery of numerous security and privacy issues, according to a new research paper. Contact tracing applications have been created to help authorities automate the process of identifying those who have been in close contact with infected individuals. Using a newly developed tool called COVIDGuardian, which was designed for both static and dynamic program analysis.
TikTok owner ByteDance to pay $92M in US privacy Settlement
TikTok's Chinese parent company ByteDance has agreed to pay $92 million in a settlement to U.S. users who are part of a class-action lawsuit alleging that the video-sharing app failed to get their consent to collect data in violation of a strict Illinois privacy law. The federal lawsuit alleged that TikTok broke the Illinois biometric privacy law, which allows suits against companies that harvest consumer data without consent, including via facial and fingerprint scanning.
- ...in 1919, President Woodrow Wilson signs an act of Congress establishing Grand Canyon National Park.
- ...in 1928, early rock 'n' roll musician Antoine "Fats" Domino ("Ain't That A Shame", "Blueberry Hill") is born in New Orleans, LA.
- ...in 1929, President Calvin Coolidge signs an executive order establishing Grand Teton National Park in Wyoming.
- ...in 1932, singer-songwriter Johnny Cash ("I Walk the Line", "Ring of Fire") is born in Kingsland, AR.