<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 04/07/2021

SHARE

Breaches

European Commission, other EU orgs recently hit by cyber-attack

The European Commission and several other European Union organizations were hit by a cyberattack in March, according to a European Commission spokesperson. As revealed by the spokesperson, the "IT security incident" impacted multiple EU institutions, bodies, or agencies' IT infrastructure. "We are working closely with CERT-EU, the Computer Emergency Response Team for all EU institutions, bodies and agencies and the vendor of the affected IT solution," the spokesperson told BleepingComputer. READ MORE...


Ransomware hits TU Dublin and National College of Ireland

The National College of Ireland (NCI) and the Technological University of Dublin have announced that ransomware attacks hit their IT system. NCI is currently working on restoring IT services after being hit by a ransomware attack over the weekend that forced the college to take IT systems offline. "NCI is currently experiencing a significant disruption to IT services that has impacted a number of college systems, including Moodle, the Library service and the current students' MyDetails service." READ MORE...

Hacking

A new headache for ransomware-hit companies. Extortionists emailing your customers

Cybercriminal extortionists have adopted a new tactic to apply even more pressure on their corporate victims: contacting the victims' customers, and asking them to demand a ransom is paid to protect their own privacy. At the end of March, Bleeping Computer reported that the Clop ransomware gang had not stopped at threatening hacked companies and contacting journalists, but had taken the additional step of direct emailing victims' customers whose details had been found in stolen data. READ MORE...


Hacker sells $38M worth of gift cards from thousands of shops

A Russian hacker has sold on a top-tier underground forum close to 900,000 gift cards with a total value estimated at $38 million. The database contained cards from thousands of brands and may originate from an older breach at the now-defunct discount gift card shop Cardpool. The seller did not disclose how they got the cache but claimed that it included 895,000 gift cards from 3,010 companies, including Airbnb, Amazon, American Airlines, Dunkin Donuts, Marriott, Nike,Target, and Walmart. READ MORE...


Aurora campaign: Attacking Azerbaijan using multiple RATs

As tensions between Azerbaijan and Armenia continue, we are still seeing a number of cyber attacks taking advantage of this situation. On March 5th 2021, we reported an actor that used steganography to drop a new .Net Remote Administration Trojan. Since that time, we have been monitoring this actor and were able to identify new activity where the threat actor switched their RAT from .Net to Python. Document Analysis. READ MORE...

Malware

Emerging hacking tool 'EtterSilent' mimics DocuSign, researchers find

Hackers are using a new, malleable malicious document builder to run their criminal schemes, according to Intel 471 research published Tuesday. The document builder, known as EtterSilent, has been advertised in a Russian cybercrime forum and comes in two versions, according to the research. One exploits a vulnerability in Microsoft Office, CVE-2017-8570, and one uses a malicious macro. One version of EtterSilent imitates the digital signature product DocuSign. READ MORE...

Exploits/Vulnerabilities

SAP applications are getting compromised by skilled attackers

Newly provisioned, unprotected SAP applications in cloud environments are getting discovered and compromised in mere hours, Onapsis researchers have found, and vulnerabilities affecting them are being weaponized in less than 72 hours after SAP releases security patches. Internet-exposed systems are more likely to be exploited and compromised, but there are also threats out there that are equipped to compromise SAP systems from the inside, they noted. The attackers can then move to steal. READ MORE...

Encryption

Massive increase in endpoint attacks, rising rate of encrypted malware and new exploits targeting IoT

Fileless malware and cryptominer attack rates grew by nearly 900% and 25% respectively, while unique ransomware payloads plummeted by 48% in 2020 compared to 2019, according to WatchGuard. Q4 2020 also brought a 41% increase in encrypted malware detections over the previous quarter and network attacks hit their highest levels since 2018. "The rise in sophisticated, evasive threat tactics last quarter and throughout 2020 showcases how vital it is to implement layered, end-to-end security protections" READ MORE...

On This Date

  • ...in 1954, international action film star Jackie Chan ("Rumble in the Bronx", "Rush Hour") is born in Hong Kong.
  • ...in 1964, IBM announces the System/360, the first mainframe computer system designed to cover the full range of scientific and commercial applications.
  • ...in 1983, astronauts Story Musgrave and Don Peterson make the first Space Shuttle spacewalk on Challenger's maiden voyage.
  • ...in 2001, the Mars Odyssey orbiter is launched. It will go on to become the longest-serving spacecraft at Mars, with a mission duration of 19 years and counting.