IT Security Newsletter - 09/10/2020
Nine out of ten IT pros have experienced a data breach
Exonar has today published research revealing that 94 percent of IT pros have experienced a data breach, and an overwhelming majority (79 percent) are worried that their current organization could be next. The survey of 500 IT professionals found that when it comes to cybersecurity, employee data breaches are seen as the biggest risk to an organization. Two fifths (40 percent) of respondents named employee data breaches as the biggest overall threat to information security in the coming year. READ MORE...
New Raccoon Attack Can Allow Decryption of TLS Connections
Researchers from universities in Germany and Israel have disclosed the details of a new timing attack that could allow malicious actors to decrypt TLS-protected communications. Named "Raccoon," the attack has been described as complex and the vulnerability is "very hard to exploit." While most users should probably not be concerned about Raccoon, several major software vendors have released patches and mitigations to protect customers. Raccoon can allow a man-in-the-middle attacker to crack encrypted communications. READ MORE...
Why We Need to Pay Attention to Attacks on the Smart-Built Environment
Are attacks on IoT physical security devices real or just theoretical? Why professionals need to be aware of the real-life examples in an effort to guard against future attacks on their own businesses. I've been compiling a list of attacks related to smart built environments for upcoming guidance which will be available through the IoT Security Foundation. My aim is to use this list in the introduction, to ensure readers would fully understand that these attacks are real and that they should not only pay attention. READ MORE...
Zeppelin Ransomware Returns with New Trojan on Board
The malware has popped up in a targeted campaign and a new infection routine. The Zeppelin ransomware has sailed back into relevance, after a hiatus of several months. A wave of attacks were spotted in August by Juniper Threatlab researchers, making use of a new trojan downloader. These, like an initial Zeppelin wave observed in late 2019, start with phishing emails with Microsoft Word attachments (themed as "invoices") that have malicious macros on board. Once a user enables macros, the infection process starts. READ MORE...
ProLock ransomware increases payment demand and victim count
Using standard tactics, the operators of ProLock ransomware were able to deploy a large number of attacks over the past six months, averaging close to one target every day. Following a failed start in late 2019, under the name PwndLocker, due to a crypto bug that allowed unlocking the files for free, the operators rebooted the operation by fixing the flaw and renaming the malware to ProLock. From the beginning, the threat actor aimed high, targeting enterprise networks and demanding ransoms between $175,000 and more than $660,000. READ MORE...
Meet the Middlemen Who Connect Cybercriminals With Victims
An analysis of initial access brokers explains how they break into vulnerable organizations and sell their access for up to $10,000. Ransomware operators looking for victims can find them on the Dark Web, where initial access brokers publish listings containing vague descriptions of businesses they've managed to breach. Initial access brokers, the "middlemen" of ransomware attacks, have noticed demand for their services surge as ransomware-as-a-service (RaaS) gains popularity. Their listings have steadily increased over the past two years. READ MORE...
BLURtooth vulnerability lets attackers defeat Bluetooth encryption
A vulnerability exists in certain implementations of Bluetooth 4.0 through 5.0 which allows an attacker to overwrite or lower the strength of the pairing key, giving them access to authenticated services. The bug was discovered independently by two teams of academic researchers and received the name BLURtooth. It affects "dual-mode" Bluetooth devices, like modern smartphones. An attacker can exploit BLURtooth on devices that support both Bluetooth Classic and Low Energy. READ MORE...
Malvertising campaigns come back in full swing
Malvertising campaigns leading to exploit kits are nowhere near as common these days. Indeed, a number of threat actors have moved on to other delivery methods instead of relying on drive-by downloads. However, occasionally we see spikes in activity that are noticeable enough that they highlight a successful run. In late August, we started seeing a Fallout exploit kit campaign distributing the Raccoon Stealer via high-traffic adult sites. Shortly after we reported it to the ad network, the same threat actor came back again. READ MORE...
Lucid announces the price and specs for the Air electric sedan
On Wednesday Lucid Motors unveiled the production version of its first electric vehicle. It goes into production this year with deliveries starting in Q2 2021 and uses Formula E-proven battery tech to achieve a range of 517 miles (813km) with a 113kWh pack. Despite a steady drip-feed of Air-related news over the past few months, until now we've been in the dark regarding important facts like how expensive it is, how powerful it is, and how fast it can go. READ MORE...
- ...in 1813, the U.S. defeats the British Fleet at the Battle of Lake Erie during the War of 1812.
- ...in 1941, scientist and popular science writer Stephen Jay Gould ("The Mismeasure of Man", "The Panda's Thumb") is born in Queens, NY.
- ...in 1963, major league baseball pitcher Randy Johnson is born in Walnut Creek, CA.
- ...in 2008, CERN's Large Hadron Collider is powered up in Geneva, Switzerland. It is the most complex experimental facility ever built.