IT Security Newsletter - 08/19/2020
Ransomware Attack on Carnival May Have Been Its Second Compromise This Year
Security vendor Prevailion says it observed signs of malicious activity on the cruise operator's network between at least February and June. Cruise operator Carnival Corp., which announced a major ransomware attack on its systems this week, may have experienced at least one more - so far undisclosed - network compromise earlier this year. According to data from Prevailion, a security vendor that tracks command-and-control activity across the Internet. READ MORE...
Ritz London clients scammed after apparent data breach
Armed with personal data stolen from the hotel's dining reservation system, fraudsters trick guests into handing over their credit card details. The Ritz London has launched an investigation into a potential data breach that affected its food and beverage reservation system. The information stolen in the breach seems to have been used by fraudsters to worm their way into the wallets of the hotel's clients. In a series of tweets shared over the weekend. READ MORE...
FritzFrog malware attacks Linux servers over SSH to mine Monero
A sophisticated botnet campaign named FritzFrog has been discovered breaching SSH servers around the world since at least January 2020. Written in Golang, FritzFrog is both a worm and a botnet that targets the government, education, and finance sectors. The attack has already managed to infiltrate over 500 servers in the U.S. and Europe, belonging to universities and a railway company. The advanced nature of FritzFrog lies in its proprietary and fileless P2P implementation written from scratch. READ MORE...
The Sounds a Key Make Can Produce 3D-Printed Replica
Researchers reveal technology called SpiKey that can 'listen' to the clicks a key makes in a lock and create a duplicate from the sounds. Security researchers have given a whole new meaning to "picking a lock," demonstrating that they can use audio and signal-processing technology to listen to the sounds a key makes when it opens a lock and then 3D-print a duplicate from a recording. The attack, called SpiKey, leverages any basic recording technology, such as the one found on any smartphone. READ MORE...
Airline DMARC Policies Lag, Opening Flyers to Email Fraud
Up to 61 percent of IATA (International Air Transport Association) airline members do not have a published DMARC record. More than half of global airlines do not have DMARC policies in place, opening their customers up to email fraud attacks, a new report found. DMARC (Domain-based Message Authentication, Reporting & Conformance) is considered the industry standard for email authentication to prevent attackers from sending mail with counterfeit addresses. READ MORE...
Duri campaign smuggles malware via HTML and JavaScript
"Traditional network security solutions such as proxies, firewalls, and sandboxes rely on the transfer of objects over the wire. For example, a sandbox might extract file objects such as .exe, .zip, and other suspicious objects from the wire and then send them to the sandbox for detonation," reads a report published by Menlo Security. However, Duri incorporates a special technique, known as HTML smuggling. Back in July, researchers at Menlo Security observed a suspicious download being blocked by their web browser. READ MORE...
Researchers detail bug in wireless devices impacting critical sectors
A vulnerability affecting components used in millions of critical connected devices in the automotive, energy, telecom, and medical sectors could let hackers hijack the device or access the internal network. In some cases, the flaw is remotely exploitable over 3G. Researchers found it in the Cinterion EHS8 M2M module from Thales (formerly from Gemalto, acquired by Thales in 2019) but the vendor also confirmed it in BGS5, EHS5/6/8, PDS5/6/8, ELS61, ELS81, PLS62. READ MORE...
Four Ways to Mitigate Supply Chain Security Risks From Ripple20
Enterprises can significantly alleviate current and long-standing third-party risk by using tactical and strategic efforts to assess and manage them. COVID-19 has exposed new levels of third-party security risk for enterprises. Many companies now use outside service providers to manage essential operations or house sensitive information. Data centers host company data, including the personal information of employees and customers. Corporate administration and other business functions are handled by SaaS platforms. READ MORE...
The Golden Age of computer user groups
Long before subreddits, computer enthusiasts used to get together in person! The Homebrew Computer Club where the Apple I got its start is deservedly famous, but it's far from tech history's only community gathering centered on CPUs. Throughout the 70s and into the 90s, groups around the world helped hapless users figure out their computer systems, learn about technology trends, and discover the latest whiz-bang applications. And these groups didn't stick to Slacks, email threads, or forums. READ MORE...
Attack of the Instagram clones
Social media has some great advantages, such as keeping in touch with loved ones and sharing experiences with friends, but like almost anything on the internet, it can be easily abused. With some creative thinking and a little luck on the side, it is possible for it to be used as a vehicle to steal money from unwitting victims. I had heard stories of account cloning, but I always assumed people would check with the account holder via another form of communication. READ MORE...
- ...in 1812, the USS Constitution earns the nickname "Old Ironsides" during the battle off Nova Scotia that saw her defeat the HMS Guerriere.
- ...in 1957, the first balloon flight to exceed 100,000 feet takes off from Crosby, Minnesota.
- ...in 1976, Gerald R. Ford wins the Republican Party's presidential nomination at the Kansas City convention.
- ...in 2004, Google Inc. stock begins selling on the Nasdaq Stock Market, with an initial price of $85.