
IT Security Newsletter - 08/14/2020



RedCurl APT Group Hacks Global Companies for Corporate Espionage

RedCurl is its name. Corporate espionage is its game. Security researchers today published findings on a new APT group they claim has been stealing data from organizations around the world as far back as 2018. Since then, RedCurl has targeted at least 14 private companies in 26 attacks designed to steal documents containing commercial secrets and employees' personal information. Its targets span a range of industries and locations. READ MORE...

Business Email Compromise Attacks Involving MFA Bypass Increase

Multifactor authentication (MFA) is widely regarded as a strong measure for protecting against account takeover attacks. But as with almost any security control, adversaries have devised several ways to bypass it. Researchers from Abnormal Security this week reported observing a recent increase in attacks where threat actors used legacy apps with old email protocols, such as IMAP, SMTP, and POP, to access and take over business email accounts protected with MFA. READ MORE...


NSA, FBI Warn of Linux Malware Used in Espionage Attacks

The U.S. government is warning of new malware, dubbed Drovorub, that targets Linux systems. It also claims the malware was developed for a Russian military unit in order to carry out cyber-espionage operations. The malware, Drovorub, comes with a multitude of espionage capabilities, including stealing files and remotely controlling victims' computers. The malware is sophisticated and is designed for stealth, leveraging advanced "rootkit" technologies that make detection difficult. READ MORE...

A financially-motivated attack group is getting better at using this banking trojan

Threat actors using a common banking trojan are improving the ways they get it on victims' systems, according to new research from Juniper Networks' threat research team. In recent months the operators have been working to evade detection by using password protected attachments and keyword obfuscation in their trojanized documents, according to Juniper Threat Labs. And in the last month, the hackers have gone a step further and begun using a malicious DLL file to run a second-stage attack. READ MORE...

Information Security

Plymouth Passport Office's pitiful password privacy

An eagle-eyed passer-by spotted a password on clear display at Her Majesty's Passport Office in Ebrington Street, scrawled on a flipchart leaning against an upper window. Of course, with modern smartphone technology it's not hard for anyone to read a password written so large on a flipchart even if it is high up. Okay, so they've taken possibly the world's worst password, capitalised the first letter, changed an 'o' to a zero, and added a digit on the end, but err… that's pretty pitiful. READ MORE...

Black Hat USA 2020 Shines Spotlight on the Mental Challenges of Cybersecurity

Infosec practitioners face a variety of mental struggles in areas such as awareness training, problem solving, or general mental health. Several sessions at Black Hat USA 2020 highlighted these challenges and how to overcome them. Cybersecurity success has always depended upon more than technology alone. It requires techniques, tactics, and procedures, which in turn rely on imagination, problem-solving, and perseverance. READ MORE...

Hacker leaks data for U.S. gun exchange site on cybercrime forum

A hacker has released the databases of Utah-based gun exchange, hunting, and kratom sites for free on a cybercrime forum. On August 10th, a threat actor posted databases that they claim contain 195,000 user records for the utahgunexchange.com, 45,000 records for their video site, 15,000 records from the hunting site muleyfreak.com, and 24,000 user records from the Kratom site deepjunglekratom.com. All of these sites are based out of Utah, USA and samples of the databases shared by cybersecurity intelligence firm. READ MORE...


Healthcare Industry Sees Respite From Attacks in First Half of 2020

The number of breaches disclosed by healthcare companies to the US government declined slightly in the first half of the year compared with the latter half of 2019, according to a new analysis of the data provided by the US Department of Health and Human Services. The analysis found the number of breach reports declined 10% in the first half of 2020 compared with the previous six months, and the number of compromised records fell by a stunning 83%. READ MORE...


Tor and anonymous browsing - just how safe is it?

An article published on the open-to-allcomers blogging site Medium earlier this week has made for some scary headlines. Written as an independent research piece by an author going only by nusenu, the story is headlined: How Malicious Tor Relays are Exploiting Users in 2020 (Part I). Loosely speaking, that strapline implies that if you visit a website using Tor, typically in the hope of remaining anonymous and keeping away from unwanted surveillance, censorship or even just plain old web tracking for marketing purposes. READ MORE...

Science & Culture

Facebook hopes voting hub will curb mail-in voting misinformation

Facebook and Instagram are launching a new portal aimed at delivering accurate voting information ahead of the U.S. elections, an effort that coincides with ongoing misinformation surrounding the political process. The company announced Thursday it will launch a voter information hub that will include information about registration deadlines, ballot request information and the correct protocol for submitting a ballot. The hub will exist as a standalone web page. READ MORE...

On This Date

  • ...in 1935, President Franklin D. Roosevelt signs into law the Social Security Act.
  • ...in 1945, an official announcement of Japan's unconditional surrender to the Allies is made public to the Japanese people.
  • ...in 1994, terrorist Ilich Ramirez Sanchez, long known as Carlos the Jackal, is captured in Khartoum, Sudan, by French intelligence agents.
  • ...in 2003, a major outage knocks out power across the eastern United States and parts of Canada.