
IT Security Newsletter - 03/25/2021


Breaches

Air Charter Firm Solairus Aviation Suffers Data Breach

Private aviation services provider Solairus Aviation on Tuesday announced that some employee and customer data was compromised in a security incident at third-party vendor Avianis. In a data breach announcement on March 23, Solairus said aviation business management platform provider Avianis provided notification last December about an intrusion into Avianis' Microsoft Azure cloud platform, which hosts the Solairus flight scheduling and tracking system. READ MORE...

Hacking

Engineer reports data leak to nonprofit, hears from the police

A security engineer and ex-contributor to an open systems non-profit organization recently reported a data leak to the organization. In return, he first got thanked for his responsible reporting, but later heard from their lawyers and the police. Apperta Foundation is a UK-based non-profit, supported by NHS England and NHS Digital, that promotes open systems and standards in the digital health and social care space. GitHub repository exposed passwords, keys, database. READ MORE...


Podcast: Microsoft Exchange Server Attack Onslaught Continues

Weeks after the disclosure around the ProxyLogon group of security bugs, exploitation attempts against unpatched Microsoft Exchange servers have skyrocketed. Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs, said that last week researchers with FortiGuard Labs saw activity double over two days for cybercriminals targeting the vulnerabilities. The attackers are using the flaws to deploy cryptominers, ransomware. READ MORE...

Trends

6 Tips for Limiting Damage from Third-Party Attacks

The ability to protect your organization from third-party attacks will become increasingly critical as attackers try to maximize the effectiveness of their malicious campaigns. The breach disclosed by SolarWinds and another involving a legacy file transfer appliance from Accellion have focused fresh attention on the risks that enterprise organizations face from attacks via the software supply chain and other trusted third parties. READ MORE...

Malware

Facebook shuts down hackers who infected iOS and Android devices

Facebook said it has disrupted a hacking operation that used the social media platform to spread iOS and Android malware that spied on Uyghur people from the Xinjiang region of China. Malware for both mobile OSes had advanced capabilities that could steal just about anything stored on an infected device. The hackers, which researchers have linked to groups working on behalf of the Chinese government, planted the malware on websites frequented by activists, journalists. READ MORE...


BP Chargemaster's Pulse rebrand let crims send IcedID banking trojan from formerly legit mailboxes

BP Chargemaster, purveyors of sockets for electric vehicles, seemingly had its email domain hijacked by criminals who used formerly legitimate addresses to send banking trojans to customers. Malware-laden emails were sent from corporate email addresses earlier this month - and their attachments included the IcedID credential-stealing malware. It appears that a corporate mail server may have been left unattended after BP Chargemaster rebranded as BP Pulse at the start of December 2020. READ MORE...

Information Security

BackBlaze mistakenly shared backup metadata with Facebook

Backblaze has removed Facebook tracking code (also known as an advertising pixel) accidentally added to web UI pages only accessible to logged-in customers. The US-based cloud storage and online backup provider has customers from 175 countries and stores over 1 Exabyte of customer data on its servers. The tracking code was inadvertently added with a new Facebook advertising campaign that started on March 8, said Yev Pusin, Backblaze's Senior Director Of Marketing. READ MORE...


Slack now lets you DM people outside your company

Slack has enabled a new 'Slack Connect' feature that allows users to send messages or create shared channels with people outside of their organization. While users had previously been able to test the Slack Connect feature, it has begun to roll out to all paid workspaces today. "Slack Connect is a new way for organizations to drive business forward and communicate with their customers, partners and vendors as quickly and easily as they interact with their coworkers in Slack." READ MORE...

Exploits/Vulnerabilities

Active Exploits Hit WordPress Sites Vulnerable to Thrive Themes Flaws

Thrive Themes has recently patched vulnerabilities in its WordPress plugins and legacy Themes - but attackers are targeting those who haven't yet applied security updates. Attackers are actively exploiting two recently-patched vulnerabilities in a popular suite of tools for WordPress websites from marketing platform Thrive Themes. Thrive Themes offers various products to help WordPress websites "convert visitors into leads and customers." Its suite of products. READ MORE...

On This Date

  • ...in 1655, Saturn's largest moon, Titan, is discovered by Dutch scientist Christiaan Huygens using only a 50 power refracting telescope of his own design.
  • ...in 1807, British Parliament passes the Slave Trade Act, abolishing the slave trade in the British Empire.
  • ...in 1969, John Lennon and Yoko Ono hold their first "Bed-In for Peace" at the Amsterdam Hilton, lasting for a full week.
  • ...in 1995, computer programmer Ward Cunningham launches WikiWikiWeb, the world's first user-created "wiki" website community.