
IT Security Newsletter - 09/11/2020

Hacking

Equinix data center giant hit by Netwalker Ransomware, $4.5M ransom

Data center and colocation giant Equinix has been hit with a Netwalker ransomware attack where threat actors are demanding $4.5 million for a decryptor and to prevent the release of stolen data. Equinix is a massive data center and colocation provider with over 50 locations worldwide. Customers use these data centers to colocate their equipment or to interconnect with other ISPs and network providers. Early this week, a source shared a Netwalker ransom note with BleepingComputer. READ MORE...


Multibillion-dollar Equinix is the latest data-center firm to face ransomware incident

Equinix, a multibillion-dollar data center company, is grappling with a ransomware incident affecting its internal computer systems, the company announced late Wednesday. The California-based company, which claims nearly 10,000 clients and has offices around the world, said the incident hadn't impacted its support for customers, and that its data centers "remain fully operational." Law enforcement officials are investigating the Equinix incident, the company said without elaborating. READ MORE...


Hackers are fighting a war over 300K vulnerable WordPress sites

Attackers who are actively exploiting a critical remote code execution flaw affecting over 600,000 WordPress sites running vulnerable File Manager plugin versions have also been seen protecting the sites they compromise from other threat actors' attacks. The critical vulnerability allows unauthenticated attackers to upload malicious PHP files and execute arbitrary code following successful exploitation [1, 2, 3]. File Manager's dev team addressed the flaw with the release of File Manager 6.9. READ MORE...


Office 365 phishing runs real-time check of stolen domain logins

Threat researchers investigating phishing attacks encountered a less common technique in spear-phishing aimed at a senior executive at a top American company. The code behind the phishing page made sure that the threat actor got the right credentials for the company Active Directory and performed redirects to hide the attempt. Testing logins in real-time is an unusual technique that allows the attacker to adapt their response based on the received feedback. READ MORE...

Malware

SoftServe hit by ransomware, Windows customization tool exploited

Ukrainian software developer and IT services provider SoftServe suffered a ransomware attack on September 1st that may have led to the theft of customers' source code. With over 8,000 employees and 50 offices worldwide, SoftServe is one of Ukraine's largest companies offering software development and IT consulting. News about a cyberattack on SoftServe first began circulating on the 'Telegram DC8044 Kyiv Info' channel, where an alleged message sent by the company to employees was shared. READ MORE...

Information Security

Adtech's bogeymen are tracking everything - even your web visits to mental health charities, claim campaigners

British charities are sharing information about people visiting their websites with adtech data brokers, according to a report. The Pro Privacy campaign group claims that 21 of the UK's "top 100 charities" have shared web visitors' data with adtech companies, with those charities including the British Heart Foundation, the NSPCC, mental health charity Scope and Amnesty International. The alleged badness boils down to charity websites having tracking beacons embedded within them. READ MORE...


Four ways network traffic analysis benefits security teams

The march towards digital transformation and the increasing volume of cyberattacks are finally driving IT security and network teams towards better collaboration. This idea isn't new, but it's finally being put into practice at many major enterprises. The reasons are fairly straightforward: all those new transformation initiatives - moving workloads to the cloud, pursuing virtualization or SD-WAN projects, etc. - create network traffic blind spots that can't easily be monitored using the security tools. READ MORE...


How to talk vulnerability management with the C-suite - and make them care

Promo When you're running security, it can be hard not to feel you're slogging away in the trenches, saving your organisation on a daily basis, but getting precious little in the way of recognition and even less in terms of budget. Yes, you know vulnerability management is not just important, but crucial to the health of your organisation. But do you ever get the feeling when you're explaining this to non-techie folks that they might as well be looking at that waterfall of 1 and 0s that Hollywood defaults to when something computery is going on? READ MORE...

Exploits/Vulnerabilities

Ripple20 Malware Highlights Industrial Security Challenges

Poor security practices allowed software vulnerabilities to propagate throughout industrial and IoT products for more than 20 years. The recent discovery of 19 vulnerabilities in a lightweight TCP/IP library has sent shockwaves across industries as it exposes millions of organizations to potential cyberattacks. Known as Ripple20, these vulnerabilities were found in a library first released back in the 1990s. The vulnerabilities vary in severity, but some can allow an attacker to control an affected device remotely. READ MORE...


Attacks Targeting Recent WordPress File Manager Flaw Ramping Up

Attacks targeting a recently addressed vulnerability in the WordPress plugin File Manager are ramping up, warns the Wordfence Threat Intelligence team at WordPress security company Defiant. With over 700,000 active installs, File Manager is a highly popular WordPress plugin that provides admins with file and folder management capabilities (copy/paste, delete, download/upload, edit, and archive). In early September 2020, the plugin's developer addressed a critical-severity zero-day flaw. READ MORE...

Science & Culture

State-backed hackers targeted Biden and Trump campaign associates, Microsoft says

Hackers linked with the Chinese government tried to breach associates of the Joe Biden campaign, while hackers with reported connections to the Iranian government targeted President Donald Trump's reelection campaign, Microsoft warned Thursday. In addition, the same Russian military hackers that interfered in the 2016 U.S. election targeted a range of political and policy consultants in the U.S. and Europe, the software giant said. The hacking attempts against the Biden and Trump campaigns were unsuccessful. READ MORE...


Apple's September 15 "Time Flies" event: What to expect

It's a strange event for a strange time - will the iPhone 12 actually appear? Every September, Apple unveils its new lineup of iPhone and Apple Watch devices in a live event with press, influencers, and industry figures present - or does it? This year, we're not quite certain. Last week, the northern California tech giant put out invitations to a video stream from the Steve Jobs Theater (the location on the company's new campus where it normally hosts people in person) to announce some new products. READ MORE...

On This Date

  • ...in 1789, Alexander Hamilton is appointed the first United States Secretary of the Treasury.
  • ...in 1941, ground is broken for the construction of the Pentagon.
  • ...in 1985, Pete Rose becomes the all-time MLB hits leader after getting his 4192nd hit.
  • ...in 2001, the World Trade Center and the Pentagon were attacked using hijacked airliners seized by members of terrorist organization al-Qaeda.