IT Security Newsletter

IT Security Newsletter - 03/24/2021

Written by Cadre | Wed, Mar 24, 2021

Clothes retailer Fatface: Someone's broken in and accessed your personal data, including partial card payment details... Don't tell anyone

British clothes retailer Fatface has infuriated some customers by telling them "an unauthorised third party" gained access to systems holding their data earlier this year, and then asking them to keep news of the blunder to themselves. Several people wrote into The Register to let us know about the personal data leak, with reader Terry saying: "You will notice the Fatface email is marked as confidential. This annoyed me." READ MORE...

Ransomware gang leaks data stolen from Colorado, Miami universities

Grades and social security numbers for students at the University of Colorado and University of Miami patient data have been posted online by the Clop ransomware group. Starting in December, threat actors affiliated with the Clop ransomware operation began targeting Accellion FTA servers and stealing the data stored on them. Companies use these servers to share sensitive files and information with people outside of their organization. READ MORE...

Insurer CNA Says Cyberattack Caused Network Disruption

Commercial insurer CNA on Tuesday announced that it was recently targeted in what it described as a sophisticated cyberattack. The Chicago, Illinois-based company is one of the largest commercial insurers in the United States, offering cyber insurance policies alongside a broad range of other insurance products. In a March 23 announcement, the company revealed that, over the weekend, it fell victim to a cyberattack that impacted certain systems, and which resulted in network disruptions. READ MORE...

When contractors attack: two years in jail for vengeful IT admin

An IT contractor working for an IT consultancy company took it upon himself to perform an act of revenge against the firm he worked at, after they complained about his performance. The charge he faced was breaking into the network of a company in Carlsbad, California. And it got him two years in prison. What happened? Deepanshu Kher was helping a client to transition to a Microsoft Office 365 environment. But apparently the client company was so displeased with Kher's performance. READ MORE...

High-availability server maker Stratus hit by ransomware

Stratus Technologies has suffered a ransomware attack that required systems to be taken offline to prevent the attack's spread. Stratus Technologies is a well-known provider of high availability products, such as their ztC edge computing devices and the ftServer fault-tolerant server solution. Stratus products are commonly used by banks, telecommunication providers, emergency call centers, and healthcare that require fault-tolerant 99.999% (five nines) uptime. READ MORE...

Ransomware attacks hit event-management, wireless technology firms

A Washington, D.C.-area event-management firm and a Canadian wireless technology provider are dealing with separate ransomware incidents - a reminder of a digital scourge that costs U.S. businesses many millions of dollars a year. The incidents come as the Department of Homeland Security has undertaken a new initiative, backed by $25 million in additional funding, to combat a steady stream of ransomware attacks. READ MORE...

Honeywell Says Malware Disrupted IT Systems

Industrial giant Honeywell on Tuesday revealed that some of its IT systems were disrupted as a result of a malware attack. The company said the intrusion was detected "recently" and only a "limited number" of IT systems were disrupted. No other information has been provided regarding impact. "At this time, we do not expect this incident will have a material impact on Honeywell," the company stated. "We promptly took steps to address the incident including partnering with Microsoft[...]" READ MORE...

Purple Fox malware worms its way into exposed Windows systems

Purple Fox, a malware previously distributed via exploit kits and phishing emails, has now added a worm module that allows it to scan for and infect Windows system reachable over the Internet in ongoing attacks. The malware comes with rootkit and backdoor capabilities, was first spotted in 2018 after infecting at least 30,000 devices, and is used as a downloader to deploy other malware strains. Purple Fox's exploit kit module has also targeted Windows systems in the past to infect Windows users. READ MORE...

Purple Fox Malware Squirms Like a Worm on Windows

Malware hunters at Guardicore are warning that an aggressive botnet operator has turned to SMB password brute-forcing to infect and spread like a worm across the Microsoft Windows ecosystem. The malware campaign, dubbed Purple Fox, has been active since at least 2018 and the discovery of the new worm-like infection vector is yet another sign that consumer-grade malware continues to reap profits for cybercriminals. READ MORE...

Microsoft warns of phishing attacks bypassing email gateways

An ongoing phishing operation that stole an estimated 400,000 OWA and Office 365 credentials since December has now expanded to abuse new legitimate services to bypass secure email gateways (SEGs). The attacks are part of multiple phishing campaigns collectively dubbed the "Compact" Campaign, active since early 2020 first detected by the WMC Global Threat Intelligence Team. "Phishers continue to find success in using compromised accounts on email marketing services to send malicious emails[...]" READ MORE...

Bank loses customers' social security numbers after ransomware attack

Clop ransomware gang exploited Accellion flaws to steal data. Customers angry that their details were breached, even after closing their accounts long ago. Things don't get much worse than having to admit to your employees that a gang of cybercriminals have broken into your infrastructure, stolen the private details (social security numbers, names and home addresses) of your staff, and are demanding that your company pays a ransom before further sensitive data is leaked. READ MORE...

  • ...in 1874, legendary stage magician and escape artist Erik Weisz, AKA Harry Houdini, is born in Budapest, Hungary.
  • ...in 1882, pioneering German microbiologist Robert Koch announces his discovery of the bacterium responsible for tuberculosis.
  • ...in 1940, fashion designer and costumer Bob Mackie, responsible for dressing entertainment icons since the early 1960s, is born in Monterey Park, CA.
  • ...in 1958, Elvis Presley is drafted into the U.S. Army, joining the 3rd Armored Division in Friedberg, Germany before being honorably discharged in March 1960.