IT Security Newsletter

IT Security Newsletter - 9/4/24

Written by Cadre | Wed, Sep 4, 2024

North Korean hackers' social engineering tricks

"North Korean malicious cyber actors conducted research on a variety of targets connected to cryptocurrency exchange-traded funds (ETFs) over the last several months," the FBI has warned through a public service announcement. This suggests that they are likely to target companies associated with cryptocurrency ETFs or other cryptocurrency-related financial products, the Bureau added. READ MORE...

Ransomware attacks escalate as critical sectors struggle to keep up

Ransomware remains a concerning cybersecurity threat, with attacks becoming more frequent, severe, and costly. Recent reports highlight alarming trends, including increased attacks on critical sectors like healthcare, education, and manufacturing. The US, leading in global ransomware incidents, faces an exceptionally high risk, especially in education and healthcare. Organizations are frequently hit multiple times, and ransom payments, while common, often fail to prevent further disruption. READ MORE...

Schools, colleges faced record-breaking year of ransomware attacks in 2023

There were 121 incidents found last year alone, according to an analysis by Comparitech, but researchers noted their findings "only scratch the surface." Schools and colleges saw a record-breaking number of ransomware attacks in 2023, with 121 incidents last year compared to 71 in 2022, according to an analysis released Tuesday by Comparitech, a cybersecurity and online privacy product review website. READ MORE...

Android's September 2024 Update Patches Exploited Vulnerability

Google on Tuesday announced a fresh set of Android security updates that address 35 vulnerabilities, including a local privilege escalation bug exploited in attacks. The exploited flaw, tracked as CVE-2024-32896 (CVSS score of 7.8), is a high-severity issue affecting Android's Framework component. A logic error in the code could lead to protection bypass, allowing a local attacker to elevate privileges. READ MORE...

BlackCat Spin-off 'Cicada3301' Uses Stolen Creds on the Fly, Skirts EDR

One of the most popular ransomware tools on the market today has spawned an even more advanced offspring. "Cicada3301," named after the infamous 4chan puzzle project from the early 2010s, is a Rust-based ransomware tool that first came onto the scene on June 18. In the two and a half months since, according to its leak site, it has been used to compromise 21 companies. Three have been large enterprises, five midsize businesses, and the majority have been small businesses. READ MORE...

Crypto Vulnerability Allows Cloning of YubiKey Security Keys

YubiKey security keys can be cloned using a side-channel attack that leverages a vulnerability in a third-party cryptographic library. The attack, dubbed Eucleak, has been demonstrated by NinjaLab, a company focusing on the security of cryptographic implementations. Yubico, the company that develops YubiKey, has published a security advisory in response to the findings. YubiKey hardware authentication devices are widely used, enabling individuals to securely log into their accounts via FIDO authentication. READ MORE...

Iran-linked actors ramping up cyberattacks on US critical infrastructure

Critical infrastructure providers and other organizations in the U.S. are facing a heightened risk of malicious cyberattacks from Iran-linked actors, according to threat researchers and U.S. officials. The FBI and Cybersecurity and Infrastructure Security Agency last week issued a joint warning with the Department of Defense Cyber Crime Center about Iran collaborating with criminal ransomware groups to attack key industries in the U.S. and other foreign countries. READ MORE...

  • ...in 1888, George Eastman receives a patent for his roll film camera and registers the trademark "Kodak".
  • ...in 1957, The Ford Motor Company introduces the Edsel, which was touted as the car of the future, but ended up a commercial flop.
  • ...in 1972, CBS premieres "The Price Is Right", currently the longest running game show on American TV.
  • ...in 1998, Google is founded by two Stanford University students, Larry Page and Sergey Brin.