
IT Security Newsletter - 04/06/2021

Breaches

Suspected Chinese spies cover tracks in efforts to breach Vietnamese government

A previously undocumented group of Chinese-speaking spies conducted a months-long campaign to infect the computers of government agencies in Vietnam and other Asian countries, researchers from the antivirus firm Kaspersky said Monday. The findings point to how alleged Chinese hacking groups overlap - and may collaborate - in their longstanding efforts to infiltrate the Southeast Asian governments with which China quarrels over territory.

Hacking

Ongoing attacks are targeting unsecured mission-critical SAP apps

Threat actors are targeting mission-critical SAP applications unsecured against already patched vulnerabilities, exposing the networks of commercial and government organizations to attacks. Over 400,000 orgs worldwide and 92% of Forbes Global 2000 use SAP's enterprise apps for supply chain management (SCM), enterprise resource planning (ERP), product lifecycle management (PLM), and customer relationship management (CRM).


Ransom Gangs Emailing Victim Customers for Leverage

Some of the top ransomware gangs are deploying a new pressure tactic to push more victim organizations into paying an extortion demand: Emailing the victim's customers and partners directly, warning that their data will be leaked to the dark web unless they can convince the victim firm to pay up. "Good day! If you received this letter, you are a customer, buyer, partner or employee of [victim]," the missive reads. "The company has been hacked, data has been stolen [...]"


CISA, FBI Warn of Attacks Targeting Fortinet FortiOS

The U.S. government is warning that Advanced Persistent Threat (APT) actors are exploiting vulnerabilities in Fortinet FortiOS in ongoing attacks targeting commercial, government, and technology services networks. The warning, issued in a joint advisory by FBI and the Cybersecurity and Infrastructure Security Agency (CISA), follows the recent release of security patches covering serious security flaws in Fortinet's flagship FortiOS product.

Malware

EtterSilent maldoc builder used by top cybercriminal gangs

A malicious document builder named EtterSilent is gaining more attention on underground forums, security researchers note. As its popularity increased, the developer kept improving it to avoid detection from security solutions. Cybercriminals behind operations with notorious malware started to include EtterSilent in their campaigns more often to increase the payload delivery success rate. Using macros and exploits.


LinkedIn Spear-Phishing Campaign Targets Job Hunters

A threat group called Golden Chickens is delivering the fileless backdoor more_eggs through a spear-phishing campaign targeting professionals on LinkedIn with fake job offers, according to researchers at eSentire. The phishing emails try to trick a victim into clicking on a malicious .ZIP file by picking up the victim's current job title and adding the word "position" at the end, making it appear like a legitimate offer.

Information Security

Research claims Google Pixel phones share 20 times more data than iPhones

If you're an Android phone user, now might be a good time to invest in a good pair of ear plugs. Fans of iPhones aren't known for being shy when it comes to telling Android users that Apple products are superior, and things may be about to get worse, thanks to a new research paper (pdf). Researchers of the School of Computer Science and Statistics at Trinity College Dublin, Ireland decided to investigate what data iOS on an iPhone shares with Apple.

Exploits/Vulnerabilities

US DoD Launches Vuln Disclosure Program for Contractor Networks

The United States Department of Defense (DoD) this week announced the launch of a new vulnerability disclosure program on HackerOne to identify vulnerabilities in Defense Industrial Base (DIB) contractor networks. Running as a pilot, the Defense Industrial Base Vulnerability Disclosure Program (DIB-VDP) covers participating DoD contractor partners' information systems and web properties, as well as other assets within scope, and is separate from the DoD vulnerability disclosure program.


VMware Patches Critical Flaw in Carbon Black Cloud Workload

A critical vulnerability recently addressed in the VMware Carbon Black Cloud Workload could be abused to execute code on a vulnerable server, according to a warning from a security researcher who discovered the bug. Tracked as CVE-2021-21982 and featuring a CVSS score of 9.1, the recently addressed vulnerability resides in the administrative interface for the appliance and exists because attackers could bypass authentication through manipulation of a URL on the interface.

On This Date

  • ...in 1830, the Church of Christ, the original church of the Latter Day Saint movement (popularly known as Mormonism), is organized in the state of New York.
  • ...in 1841, John Tyler is inaugurated as the 10th president, two days after the sudden death of President William Henry Harrison.
  • ...in 1896, the first modern Olympic Games opens in Athens, Greece, over 1500 years after the original games were banned by Roman Emperor Theodosius I.
  • ...in 1974, the Swedish pop group ABBA wins the Eurovision Song Contest with the song "Waterloo", launching them to international fame.