<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 08/17/2020

SHARE

Breaches

Business technology giant Konica Minolta hit by new ransomware

Business technology giant Konica Minolta was hit with a ransomware attack at the end of July that impacted services for almost a week, BleepingComputer has learned. Konica Minolta is a Japanese multinational business technology giant with almost 44,000 employees and over $9 billion in revenue for 2019. The company offers a wide variety of services and products ranging from printing solutions, healthcare technology, to providing managed IT services to businesses. READ MORE...


U.S. spirits and wine giant hit by cyberattack, 1TB of data stolen

Brown-Forman, one of the largest U.S. companies in the spirits and wine business, suffered a cyber attack. The intruders allegedly copied 1TB of confidential data, they plan on selling to the highest bidder the most important info and leak the rest. Headquartered in Louisville, Kentucky, the company holds world-known whiskey and scotch brands like Jack Daniel's, Woodford, Old Forester, Collingwood, Glenglassaugh, and Glendronach, Herradura, El Jimador, and Pepe Lopez tequila, Finlandia vodka, and Sonoma-Cutrer wines. READ MORE...

Hacking

Over 25% of all UK universities were attacked by ransomware

A third of the universities in the United Kingdom responding to a freedom of information (FOI) request admitted to being a victim of a ransomware attack. These represent more than 25% of the universities and colleges in the country. The incidents occurred in the past decade, most of them between 2015 and 2017. Several educational institutions suffered at least two file-encrypting attacks over the past decade, one of them recording more than 40 since 2013. READ MORE...


Medical Debt Collection Firm R1 RCM Hit in Ransomware Attack

R1 RCM Inc. [NASDAQ:RCM], one of the nation's largest medical debt collection companies, has been hit in a ransomware attack. Formerly known as Accretive Health Inc., Chicago-based R1 RCM brought in revenues of $1.18 billion in 2019. The company has more than 19,000 employees and contracts with at least 750 healthcare organizations nationwide. R1 RCM acknowledged taking down its systems in response to a ransomware attack, but otherwise declined to comment for this story. READ MORE...

Trends

Infineon and Fingerprint Cards partner to enable mass deployment of biometric payment cards

Biometric payment cards with an integrated fingerprint sensor make contactless payments more convenient, more secure and hygienic. The contactless card remains in the hands of the cardholder throughout the entire payment transaction, while eliminating the need for PIN entries or signatures to authorize even high-value payments. Infineon Technologies and Fingerprint Cards have joined forces to enable mass deployment of this emerging solution. READ MORE...

Software Updates

What's new in Windows 10 20H2, arriving later this year

Following the launch of May 2020 Update (version 2004) in May, Microsoft is now preparing the next version of Windows 10 called "version 20H2". This update is currently available for beta testing with Windows Insiders and is already live in the Beta Channel of the program. It does not bring a major overall to Windows 10, but there are still a few important changes coming in the Windows 10 version 20H2, including the new theme-aware Start Menu. READ MORE...

Malware

XCSSET Mac Malware Steals Information, Spreads via Xcode Projects

A newly discovered piece of malware designed to target macOS systems spreads through Xcode projects and exploits what researchers have described as two zero-day vulnerabilities. Named XCSSET, the malware can allow its operator to steal sensitive information and launch ransomware attacks, Trend Micro reported on Thursday. Specifically, it can help hackers obtain information associated with the Evernote, Skype, Notes, QQ, WeChat, and Telegram apps, capture screenshots, and upload files to the attackers' server. READ MORE...

Information Security

3 tips to increase speed and minimize risk when making IT decisions

There is nothing like a crisis to create a sense of urgency and spawn actions. This is especially true for enterprise IT teams, who are tasked with new responsibilities and critical decisions. Speed matters in the heat of the moment and many leaders may not take the necessary steps to assess the risk of their decisions in order to mitigate the crisis quickly. When processes are rushed, security concerns and other gaps in the system move to the front and center. Balancing speed vs. READ MORE...

Exploits/Vulnerabilities

Emotet malware strikes U.S. businesses with COVID-19 spam

The Emotet malware has begun to spam COVID-19 related emails to U.S. businesses after not being active for most of the USA pandemic. Before going dark on Feb 7th, 2020, the Emotet malware was commonly spamming COVID-19 themed spam to distribute malware in other countries already affected by the pandemic. As the start of the USA's pandemic was around March, Emotet never had the chance to target U.S. businesses with COVID-19 related spam. READ MORE...


Potential Apache Struts 2 RCE flaw fixed, PoCs released

Have you already updated your Apache Struts 2 to version 2.5.22, released in November 2019? You might want to, and quickly, as information about a potential RCE vulnerability (CVE-2019-0230) and PoC exploits for it have been published. About the vulnerability (CVE-2019-0230) "CVE-2019-0230 is a forced double Object-Graph Navigation Language (OGNL) evaluation vulnerability that occurs when Struts tries to perform an evaluation of raw user input inside of tag attributes. READ MORE...

On This Date

  • ...in 1833, The first steam ship to cross the Atlantic entirely on its own power, the Canadian ship Royal William, begins her journey from Nova Scotia to The Isle of Wight.
  • ...in 1863, Union gunboats bombard Confederate-held Fort Sumter in Charleston, South Carolina.
  • ...in 1978, Three Americans complete the first crossing of the Atlantic in a balloon.
  • ...in 2008, American swimmer Michael Phelps wins a world-record eight gold medals in a single Olympic Games.