IT Security Newsletter - 5/14/24
Helsinki suffers data breach after hackers exploit unpatched flaw
The City of Helsinki is investigating a data breach in its education division, which it discovered in late April 2024, impacting tens of thousands of students, guardians, and personnel. Though information about the attack was circulated on May 2, 2024, the city's authorities shared more details in a press conference earlier today. According to the details disclosed today, an unauthorized actor gained access to a network drive after exploiting a vulnerability in a remote access server. READ MORE...
'Cyberattack' shutters Christie's website days before $840M art mega-auction
Christie's website remains offline as of Monday after a "technology security issue" shut it down Thursday night - just days before the venerable auction house planned to flog $840 million of art. As of Friday morning and still today, Christie's redirects visitors to a temporary website, reportedly due to a cyberattack. It's not thought, at the moment, that any customer data has been stolen. In a statement to the media, Christie's confirmed "a technology security issue has impacted some of our systems, including our website." READ MORE...
Prison for cybersecurity expert selling private videos from inside 400,000 homes
A Korean cybersecurity expert has been sentenced to prison for illegally accessing and distributing private videos from vulnerable "wallpad" cameras in 400,000 private households. The 41-year-old man, who has not been officially named, succeeded in remotely accessing 638 apartment complexes in South Korea. He exploited over 400,000 smart home devices used by residents to operate their video security systems and other domestic functions. READ MORE...
Hackers use DNS tunneling for network scanning, tracking victims
Threat actors are using Domain Name System (DNS) tunneling to track when their targets open phishing emails and click on malicious links, and to scan networks for potential vulnerabilities. DNS tunneling is the encoding of data or commands that are sent and retrieved via DNS queries, essentially turning DNS, a fundamental network communication component, into a covert communications channel. The threat actors encode the data in various ways... READ MORE...
Only one-third of firms deploy safeguards against generative AI threats, report finds
Generative AI gives attackers an edge over cyber defenders, according to a Splunk survey of security experts. Cyberattacks annually soared 26% on average from 2017 until 2023, Moody's Investors Service said last month, citing University of Maryland data. "This number is likely to be understated since organizations are often not required to report cyberattacks." As cybersecurity risks rise, generative AI will likely favor attackers over the short-to-medium term, Moody's said. READ MORE...
Apple releases iOS 17.5, macOS 14.5, and other updates as new iPads launch
Apple has released the latest updates for virtually all of its actively supported devices today. Most include a couple handfuls of security updates, some new features for Apple News+ subscribers, and something called Cross-Platform Tracking Protection for Bluetooth devices. The iOS 17.5, iPadOS 17.5, macOS 14.5, watchOS 10.5, tvOS 17.5, and HomePod Software 17.5 updates are all available to download now. READ MORE...
Uncle Sam urges action after Black Basta ransomware infects Ascension
US information security agencies have published advisories on how to detect and thwart the Black Basta ransomware gang - after the crew claimed responsibility for the recent attack on US healthcare provider Ascension. Both CISA and Health-ISAC shared bulletins on Black Basta within hours of El Reg sources saying ransomware was involved in the incident and that some facilities had resorted to pen-and-paper operations. CNN later reported Black Basta specifically was behind it all. READ MORE...
Heartbleed: When Is It Good to Name a Vulnerability?
Ten years have passed since Heartbleed was first identified, but the security industry is still grappling with the question of branded vulnerabilities and naming vulnerabilities appropriately. Back in April 2014, researchers uncovered a serious vulnerability in OpenSSL. There are many serious vulnerabilities, but this one was particularly bad, with security expert Bruce Schneier calling it "catastrophic." On his blog, Schneier wrote, "On the scale of 1 to 10, this is an 11." READ MORE...
- ...in 1804, the Lewis and Clark Expedition departs to map and explore the Louisiana Purchase.
- ...in 1955, the Warsaw Pact treaty is signed by the Soviet Union and seven other Communist bloc nations.
- ...in 1973, the United States launches its first space station, Skylab.
- On this date, singer-songwriter and Talking Heads founding member David Byrne is born in Dumbarton, Scotland.