IT Security Newsletter

IT Security Newsletter - 09/02/2020

Written by Cadre | Wed, Sep 2, 2020

Norway is investigating a cyberattack on its parliament

Hackers have struck at the Norwegian parliament, compromising a limited number of email accounts of lawmakers and employees, the parliament's administrator said Tuesday. Attackers downloaded an unspecified amount of data in the breach, Marianne Andreassen, the administrator, said in a statement. Mitigations put in place to counter the digital intrusion had an "immediate effect," Andreassen said.

Minister: New Zealand Enduring Wave of Cyberattacks

New Zealand's justice minister says the nation is confronting cyberattacks on an unprecedented scale, targeting everything from the stock market to the weather service. Andrew Little said in an interview with The Associated Press on Wednesday that tracking down the perpetrators of the attacks in recent weeks would be extremely difficult, as the distributed denial of service attacks are being routed through thousands of computers.

Attackers abuse Google DNS over HTTPS to download malware

Earlier this year, BleepingComputer reported on hackers hiding malware in fake Windows error logs. After gaining access to a Windows system and achieving persistence, the malware would read from a ".chk" file that impersonated event logs. The apparent hexadecimal characters on the right side are actually decimal characters used to construct an encoded payload via rogue scheduled tasks. More information has emerged on this complex malware and some other sinister tasks it carries out.

KryptoCibule malware dodges antivirus to steal cryptocurrency

Threat researchers discovered a new malware family that is fully focused on getting as much cryptocurrency as possible from its victims. For this purpose, it steals wallets, hijacks transactions, and starts mining on infected machines. Named KryptoCibule, the malware has managed to stay under the radar for almost two years, extending its functionality with each new version. In a technical analysis released today, researchers at ESET note that KryptoCibule relies heavily on the Tor network.

We Need Better Classification of Threat Intelligence

The threat intelligence landscape has vastly changed over the years. While the term was originally used to refer to malware Indicators of Compromise (IOC) - lists of known malware signatures and the servers those malware communicate with, a method to identify infected devices within corporate networks - as time went by vendors have broadly expanded that concept to offer new types of intelligence. The term "Threat Intelligence" encompasses an ever-growing set of offerings that, from an operational standpoint, have different use cases.

Hypothesis: Cyber Attackers Are After Your Scientific Research

From COVID-19 treatment to academic studies, keeping research secure is more important than ever. The ResearchSOC at Indiana University intends to help. Industrial espionage has been around long before companies needed to protect the identity of 13 herbs and spices or the cola recipe locked in an Atlanta pharmacist's safe. And scientists, being human after all, have sought to know what their "colleagues" are working on since Archimedes experimented with levers and fulcrums.

Magento plugin Magmi vulnerable to hijacking admin sessions

A cross-site request forgery (CSRF) vulnerability continues to be present in the Magmi plugin for Magento online stores, despite developers receiving a report from researchers that discovered it. Hackers can use the flaw to execute arbitrary code on servers running Magmi (Magento Mass Importer) by tricking authenticated administrators into clicking a malicious link. The plugin works as a Magento database client that can add a large number of products (millions, according to its wiki page).

Essential features of security automation for the AWS platform

DevSecOps tactics and tools are dramatically changing the way organizations bring their applications to fruition. Having a mindset that security must be incorporated into every stage of the software development lifecycle - and that everyone is responsible for security - can reduce the total cost of software development and ensure faster release of secure applications. A common goal of any security strategy is to resolve issues quickly and safely before they can be exploited for a breach resulting in data loss.

Surging CMS attacks keep SQL injections on the radar during the next normal

Every year, millions of websites across the world fall victim to malware attacks that are designed to gain access to the site's backend without the administrator's knowledge in order to steal sensitive data or cause damage, usually for financial gain. This year, cyberattacks have been on the rise during the pandemic, leaving businesses to wonder whether or not things will settle down whenever the COVID-19 situation begins to wane, or if this is the next normal for the indefinite future.

New Threat Activity by Lazarus Group Spells Trouble For Orgs

The North Korea-backed group has launched several campaigns to raise revenue for the cash-strapped nation's missile program, security experts say. A US government warning last week about new attacks targeting banks in multiple countries has focused attention on what has been a particularly busy year for the Lazarus advanced persistent threat (APT) group. Over the past several months, the group has ramped up efforts to raise money for its sponsor, the cash-strapped North Korean government.

Walmart+ takes aim at Amazon Prime, launches September 15

Although it's arriving several months later than expected, Walmart's answer to Amazon Prime is finally scheduled to launch in two weeks, on September 15. Like Prime, Walmart+ offers unlimited free delivery, with some products available same-day in many markets. Walmart+ looks cheaper than Amazon Prime at first blush - the annual prices for the services are $98 and $119, respectively - but the difference may be less relevant to each company's bottom line than it looks. Both services also offer a monthly plan.

  • ...in 1752, Great Britain adopts the Gregorian calendar.
  • ...in 1929, film director Hal Ashby ("Harold and Maude", "Being There") is born in Ogden, UT.
  • ...in 1945, Japan formally surrenders to the Allied powers, with Foreign Minister Mamoru Shigemitsu signing the agreement aboard the battleship USS Missouri in Tokyo Bay.
  • ...in 1963, the CBS Evening News becomes US network television's first half-hour weeknight news broadcast.