<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 03/22/2021

SHARE

Breaches

Computer giant Acer hit by $50 million ransomware attack

Computer giant Acer has been hit by a REvil ransomware attack where the threat actors are demanding the largest known ransom to date, $50,000,000. Acer is a Taiwanese electronics and computer maker well-known for laptops, desktops, and monitors. Acer employs approximately 7,000 employees and earned $7.8 billion in 2019. Yesterday, the ransomware gang announced on their data leak site that they had breached Acer and shared some images of allegedly stolen files as proof. READ MORE...


Hacker who breached Verkada charged with stealing data from over 100 companies

The hacker who claimed responsibility for breaching the live video streams of 150,000 CCTV cameras at police departments, hospitals, and well-known businesses has been charged by the US Department of Justice with hacking more than 100 companies. Swiss hacker Tillie Kottmann made headlines earlier this month when news broke that cloud-based surveillance startup Verkada had suffered a security breach, with video footage from the likes of Tesla and Cloudflare leaked. READ MORE...

Hacking

DDoS booters now abuse DTLS servers to amplify attacks

DDoS-for-hire services are now actively abusing misconfigured or out-of-date Datagram Transport Layer Security (D/TLS) servers to amplify Distributed Denial of Service (DDoS) attacks. DTLS is a UDP-based version of the Transport Layer Security (TLS) protocol that prevents eavesdropping and tampering in delay-sensitive apps and services. According to reports that surfaced in December, a DDOS attack used DTLS to amplify traffic from vulnerable Citrix ADC devices that used DTLS configurations. READ MORE...


Cyber Attack Tied to China Boosts Development Bank's Chief

The cyberattack crested just as finance officials from across Latin America were descending on Washington to commemorate the 60th anniversary of the Inter-American Development Bank. On Sept. 24, 2019, requests from more than 15,000 internet addresses throughout China flooded the bank's website, knocking part of it intermittently offline. To unclog the network, the bank took the drastic step of blocking all traffic from China. READ MORE...


Ransomware gang says it targets firms who have cyber insurance

The Record published an interesting interview last week with "Unknown", a representative of the notorious REvil ransomware gang. What I found particularly fascinating was a claim made by "Unknown" that the REvil gang specifically targets firms who have taken out insurance against ransomware attacks - presumably in the understandable belief that those corporate victims are more likely to pay up. But more than that, the claim is made that the insurance companies themselves are hacked. READ MORE...

Malware

Russian man pleads guilty to Tesla hacking plot

A 27-year-old Russian has pleaded guilty to working to recruit a Tesla employee to hack the Nevada-based company last year. The man, Egor Igorevich Kriuchkov, last year tried to convince the unnamed employee to launch malware against the company's computer network, allowing Kriuchkov and co-conspirators to steal data, according to court documents and admissions in court, the Department of Justice announced. READ MORE...


Resident Evil 8 just the latest game plagued by fake demos and early access scams

There's been a number of scams targeting fans of major upcoming video game releases over the last week or two. Why is this happening, and what can you do to ensure both you and your children avoid such fakeouts? Preview power: the 80s and 90s. Back in the 80s, games reviews were only really found in dedicated gaming magazines like ZZap!64 or Amstrad Action. A couple of magazine publishers had the idea to distribute full games and demos on cassette tapes mounted to the cover. READ MORE...

Information Security

Facebook outage affecting WhatsApp, Messenger and Instagram

Facebook services are currently experiencing issues around the world, with users unable to access Facebook, Messenger, WhatsApp, and Instagram. When attempting to access Facebook services, users worldwide have stated that the application will display a continuous "Connecting" message. In BleepingComputer tests here in the USA and India, we confirmed the outage and are unable to connect to the messaging platforms. READ MORE...


Researchers Raise Alarm for F5 BIG-IP Malware Attacks

The urgency to patch gaping security holes in F5 Networks BIG-IP and BIG-IQ products escalated over the weekend after researchers spotted malicious in-the-wild attack activity. Malware hunters at U.K.-based NCC Group are raising the alarm for mass scanning and "multiple exploitation attempts" with exploits targeting critical security flaws in the F5 enterprise networking infrastructure products. The vulnerabilities were patched on March 10 and are considered high-priority fixes. READ MORE...

Exploits/Vulnerabilities

Hackers are exploiting a server vulnerability with a severity of 9.8 out of 10

In a development security pros feared, attackers are actively targeting yet another set of critical server vulnerabilities that leave corporations and governments open to serious network intrusions. The vulnerability this time is in BIG-IP, a line of server appliances sold by Seattle-based F5 Networks. Customers use BIG-IP servers to manage traffic going into and out of large networks. Tasks include load balancing, DDoS mitigation, and web application security. READ MORE...


Phishers' perfect targets: Employees getting back to the office

Phishers have been exploiting people's fear and curiosity regarding breakthroughs and general news related to the COVID-19 pandemic from the very start, and will continue to do it for as long it affects out private and working lives. Cybercriminals continually exploit public interest in COVID-19 relief, vaccines, and variant news, spoofing the Centers for Disease Control (CDC), U.S. Internal Revenue Service (IRS), U.S. Department of Health and Human Services (HHS), World Health Organization. READ MORE...

On This Date

  • ...in 1887, comedian/musician Leonard "Chico" Marx of the Marx Brothers is born in New York City.
  • ...in 1946, American mathematician, computer scientist, and science fiction author Rudy Rucker is born in Louisville, KY.
  • ...in 1993, Intel ships the first Pentium chips, featuring a 60 MHz clock speed, 100+ MIPS, and a 64-bit data path.
  • ...in 1995, Cosmonaut Valeri Polyakov returns to Earth after spending nearly 438 consecutive days in space, a record that still stands today.