IT Security Newsletter - 03/18/2021

Breaches

Chile's bank regulator shares IOCs after Microsoft Exchange hack

Chile's Comisión para el Mercado Financiero (CMF) has disclosed that their Microsoft Exchange server was compromised through the recently disclosed ProxyLogon vulnerabilities. The CMF operates under the Ministry of Finance and is the regulator and inspector for banks and financial institutions in Chile. recently disclosed ProxyLogon vulnerabilities in their Microsoft Exchange servers to install web shells and attempt to steal credentials.

Hacking

Chinese nation state hackers linked to Finnish Parliament hack

Chinese nation-state hackers have been linked to an attack on the Parliament of Finland that took place last year and led to the compromise of some parliament email accounts. "Some parliament e-mail accounts may have been compromised as a result of the attack, among them e-mail accounts that belong to MPs," Parliament officials said at the time. The attack was detected by the Finnish Parliament's security team and is being investigated by the Finnish National Bureau of Investigation (NBI).


Polish State Websites Hacked and Used to Spread False Info

Two Polish government websites were hacked Wednesday and used briefly to spread false information about a non-existent radioactive threat, in what a Polish government official said had the hallmarks of a Russian cyberattack. The National Atomic Energy Agency and Health Ministry websites briefly carried claims of a supposed nuclear waste leak coming from neighboring Lithuania and threatening Poland.

Malware

Attackers are trying awfully hard to backdoor iOS developers' Macs

Researchers said they've found a trojanized code library in the wild that attempts to install advanced surveillance malware on the Macs of iOS software developers. It came in the form of a malicious project the attacker wrote for Xcode, a developer tool that Apple makes freely available to developers writing apps for iOS or another Apple OS. The project was a copy of TabBarInteraction, a legitimate open source project that makes it easier for developers to animate iOS tab bars.


Five Months After Takedown Attempt, CISA and FBI Warn of Ongoing TrickBot Attacks

Attacks employing the TrickBot malware continue, leveraging phishing emails as the initial infection vector, the Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) warn. In a joint advisory published on Wednesday, the two agencies revealed that a sophisticated group of cybercrime actors is leveraging a traffic infringement phishing scheme to lure victims into downloading the TrickBot malware.


$4,000 COVID-19 'Relief Checks' Cloak Dridex Malware

The American Rescue Act is the latest zeitgeisty lure being circulated in an email campaign. Cybercriminals have wasted no time in hopping on the American Rescue Plan - the COVID-19 relief legislation just signed into law - as a lure for email-based scams. According to researchers at Cofense, a campaign began circulating in March that capitalized on Americans' interest in the forthcoming $1,400 relief payments and other aid.

Information Security

McAfee, the company, says Chinese attackers targeted Asian and US telcos

Fake Huawei and Flash sites helped steal info about 5G tech. Security vendor McAfee has detected an attack it believes was likely aimed at telecoms companies in the hope of stealing information related to 5G networks. McAfee has named the attack "Operation Diànxùn" and says it resembles past attacks perpetrated by groups named RedDelta and Mustang Panda. Both groups have been associated with China by other security researchers.

Exploits/Vulnerabilities

Cypriot sentenced for email hacking committed as teen

A 22-year-old from Cyprus has received a sentence for pleading guilty to computer fraud conspiracy and computer fraud for allegedly hacking websites and extorting them for money, the Department of Justice announced Thursday. The Cypriot, Joshua Polloso Epifaniou, allegedly exploited security vulnerabilities to steal sensitive personal information from user and customer databases between October 2014 and November 2016, ...

Encryption

Fintech Giant Fiserv Used Unclaimed Domain

If you sell Web-based software for a living and ship code that references an unregistered domain name, you are asking for trouble. But when the same mistake is made by a Fortune 500 company, the results can range from costly to disastrous. Here's the story of one such goof committed by Fiserv [NASDAQ:FISV], a $15 billion firm that provides online banking software and other technology solutions to thousands of financial institutions.

On This Date

  • ...in 1766, the British Parliament repeals the Stamp Act, removing the tax on printed materials produced in the American colonies.
  • ...in 1850, American Express is founded by Henry Wells and William Fargo.
  • ...in 1935, Parker Bros. bought the rights to Charles Darrow's version of Monopoly, nearly the same as the one still played today.
  • ...in 1965, Soviet cosmonaut Alexey Leonov becomes the first person to walk in space, leaving his Voskhod 2 spacecraft for a full 12 minutes and nine seconds.