<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 04/13/2021

SHARE

Top News

Dutch supermarkets run out of cheese after ransomware attack

A ransomware attack against conditioned warehousing and transportation provider Bakker Logistiek has caused a cheese shortage in Dutch supermarkets. Bakker Logistiek is one of the largest logistics services providers in the Netherlands, offering air-conditioned warehousing and food transportation for Dutch supermarkets. Last week, Bakker Logistiek suffered a ransomware attack that encrypted devices on their network and disrupted food transportation and fulfillment operations. READ MORE...

Breaches

Banking organizations dub proposed US cyber notification regulation 'burdensome'

Banking groups have objected to elements of a proposed U.S. cyber incident notification rule, saying that its threshold for mandatory disclosure of such events to regulators is overly broad and would lead to over-reporting of incidents. Under the proposed regulation from the Treasury Department and other regulators, banks would have to notify their regulators within 36 hours of certain kinds of attacks, and bank service providers would have to notify their customers. READ MORE...


Upstox warns of serious data breach, resets passwords

Indian stock trading firm Upstox has revealed to users that it has suffered a serious security breach that may have seen unauthorised criminal access to millions of customers' personal information. According to a statement posted by Upstox on its website, it became aware that criminals may have compromised its databases after receiving emails from the suspected hackers. READ MORE...

Hacking

Watch out for this W-2 phishing scam targeting the 2021 tax season

With the United State tax season in high gear, threat actors have sprung into action with a recent tax document phishing scam that abuses TypeForm forms to steal your login credentials. TypeForm is a website that allows you to create compelling and intricate forms that are used to collect legitimate information, conduct surveys, or even create quizzes that you can embed on a site. As with all good things, threat actors are known to abuse TypeForm to create convincing login forms. READ MORE...


Small Kansas Water Utility System Hacking Highlights Risks

A former Kansas utility worker has been charged with remotely tampering with a public water system's cleaning procedures, highlighting the difficulty smaller utilities face in protecting against hackers. Wyatt Travnichek, 22, was charged last month with remotely accessing the Post Rock Rural Water District's systems in March 2019, about two months after he quit his job with the utility. He's accused of shutting down the facility's cleaning and disinfecting procedures. READ MORE...

Trends

Microsoft Uses Machine Learning to Predict Attackers' Next Steps

Microsoft is developing ways to use machine learning to turn attackers' specific approaches to compromising targeted systems into models of behavior that can be used to automate the attribution of attacks to specific actors and predict the most likely next attack steps. In a research blog published earlier this month, the software giant stated it has used data collected on threat actors through its endpoint and cloud security products to train a large, probabilistic machine-learning model. READ MORE...

Malware

Sorry, Joe Biden isn't offering you a work visa, it's a scam

A US diplomatic mission in Nigeria warns of a visa scam affecting Nigerian citizens looking to move to the United States. It's an old scam message, dressed up with a fresh coat of paint. Shall we take a look? Work visa scams are a solid fixture in the scammer's toolkit. This one blends the pandemic, data harvesting, and a slice of bank account emptying. There's several variations of the scam, but they follow the same pattern. The fake e-visa press release. READ MORE...

Information Security

Charter must pay $19 million for tricking customers into switching ISPs

A judge has ordered Charter Communications to pay $19.2 million to Windstream for lying to customers in order to trick them into switching from Windstream to Charter's Spectrum Internet service. Charter also faces a $5,279 penalty for shutting off service to hundreds of Windstream's resale customers. When Windstream filed for bankruptcy in early 2019, Charter began a "literally false and intentionally misleading advertising campaign intended to create the impression. READ MORE...


Ex-DHS chief confirms suspected Russian hackers targeted his email account

Former acting Homeland Security Secretary Chad Wolf on Monday confirmed news reports that the suspected Russian spies behind a multi-prong breach of federal networks had targeted his email account while in office. "The fact that they got my email and knew that I was running late to meetings or I had a schedule change [was] not that big of a deal at the end of the day, but the overall access was," Wolf said during a webinar hosted by the Heritage Foundation. READ MORE...

Exploits/Vulnerabilities

PoC Exploit Released for Unpatched Flaw Affecting Chromium-Based Browsers

A researcher has made public a proof-of-concept (PoC) exploit for a recently discovered vulnerability affecting Chrome, Edge and other Chromium-based web browsers. On April 7, at the Pwn2Own 2021 hacking competition, Bruno Keith and Niklas Baumstark of Dataflow Security earned $100,000 for a remote code execution exploit that works against web browsers that are based on Google's open source Chromium project. READ MORE...


CS:GO, Valve Source games vulnerable to hacking using Steam invites

A group of security researchers known as the Secret Club took to Twitter to report a remote code execution bug in the Source 3D game engine developed by Valve and used for building games with tens of millions of unique players. A vulnerability in the game engine propagates to products built with it. In this case, multiple game titles built with Source are affected and require a patch to eliminate the risk to users. READ MORE...


New DNS vulnerabilities have the potential to impact millions of devices

These vulnerabilities affect four popular TCP/IP stacks - namely FreeBSD, IPnet, Nucleus NET and NetX - which are commonly present in well-known IT software and IoT/OT firmware and have the potential to impact millions of IoT devices around the world. FreeBSD is used for high-performance servers in millions of IT networks, including major web destinations such as Netflix and Yahoo. Meanwhile, IoT/OT firmware such as Siemens' Nucleus NET has been used for decades in critical OT and IoT devices. READ MORE...

Encryption

ParkMobile Breach Exposes License Plate Data, Mobile Numbers of 21M Users

Someone is selling account information for 21 million customers of ParkMobile, a mobile parking app that's popular in North America. The stolen data includes customer email addresses, dates of birth, phone numbers, license plate numbers, hashed passwords and mailing addresses. KrebsOnSecurity first heard about breach from Gemini Advisory, a New York City based threat intelligence firm that keeps a close eye on the cybercrime forums. Gemini shared a new sales thread on a Russian-language forum. READ MORE...

On This Date

  • ...in 1861, after a 33-hour bombardment by Confederate cannon, Fort Sumter in Charleston Harbor surrenders.
  • ...in 1870, the Metropolitan Museum of Art is founded in New York City.
  • ...in 1984, Pete Rose becomes the first player in National League history to get 4,000 career hits.
  • ...in 1997, Tiger Woods becomes the youngest golfer to win golf's Masters Tournament, at the age of 21.