IT Security Newsletter - 03/05/2021
Multiple Airlines Impacted by Data Breach at Aviation IT Firm SITA
SITA, a multinational company that specializes in air transport communications and IT, this week confirmed falling victim to a cyberattack that appears to have impacted multiple airlines around the world. SITA said on Thursday that the attack, which it described as "highly sophisticated," affected certain passenger data stored on servers of SITA Passenger Service System (PSS) Inc., which operates passenger processing systems for airlines. READ MORE...
Ongoing phishing attacks target US brokers with fake FINRA audits
The US Financial Industry Regulatory Authority (FINRA) has issued a regulatory notice warning US brokerage firms and brokers of an ongoing phishing campaign using fake compliance audit alerts to harvest information. FINRA (Financial Industry Regulatory Authority), a non-profit organization supervised by the Securities and Exchange Commission (SEC), is the regulator for all US exchange markets and securities firms. READ MORE...
Hacked SendGrid accounts used in phishing attacks to steal logins
A phishing campaign targeting users of Outlook Web Access and Office 365 services collected thousands of credentials relying on trusted domains such as SendGrid. The threat actor behind this activity, which received the name "Compact," has been operating since at least the beginning of 2020 and likely collected more than 400,000 credentials in multiple campaigns. Using Zoom invites as a lure and an extensive list of email addresses. READ MORE...
Three New Malware Strains Linked to SolarWinds Hackers
Microsoft and cybersecurity firm FireEye on Thursday published blog posts detailing several new pieces of malware that they believe are linked to the hackers behind the supply chain attack targeting Texas-based IT management solutions provider SolarWinds. Microsoft has started tracking the threat actor behind the SolarWinds attack as NOBELIUM. The company has identified three new pieces of malware that it believes are used by the group after they have compromised the targeted organization's network. READ MORE...
German Officials Want Emails, IMs Tied to Real-World ID
German security officials are proposing that Internet companies should link a user's real-world identity to all of their instant messages, emails and other online communication, prompting criticism from digital rights activists. Like in many other countries, mobile phone firms in Germany are required to verify a customer's identity before selling them a SIM card. Under a proposal leaked late Tuesday, Germany's Interior Ministry wants the same rule to apply to "number independent". READ MORE...
Malicious Code Bombs Target Amazon, Lyft, Slack, Zillow
Attackers have weaponized code dependency confusion to target internal apps at tech giants. Researchers have spotted malicious packages targeting internal applications for Amazon, Lyft, Slack and Zillow (among others) inside the npm public code repository - all of which exfiltrate sensitive information. The packages weaponize a proof-of-concept (PoC) code dependency-confusion exploit that was recently devised by security researcher Alex Birsan to inject rogue code into developer projects. READ MORE...
- ...in 1770, British troops fatally shoot five American civilians in Boston, a key event leading to the American Revolution.
- ...in 1910, Japanese businessman Momofuku Ando, the inventor of instant ramen noodles, is born in Taiwan.
- ...in 1946, Winston Churchill uses the phrase "Iron Curtain" to describe Soviet domination of Eastern Europe, in a speech at Westminster College in Fulton, MO.
- ...in 1955, stage magician and author Penn Jillette, of the comedy magic act Penn & Teller, is born in Greenfield, MA.