<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter

Get the latest headlines, summaries, and security news!

IT Security Newsletter - 1/14/2022

Top News

Ukrainian government websites hacked amid rising regional security anxiety

A series of Ukrainian government websites were temporarily unavailable Friday in what appeared to be a coordinated cyberattack against the backdrop of rising tensions between Russia and Ukraine. As a result of the massive hacking attack, the websites of the Ministry of Foreign Affairs and a number of other government agencies are temporarily down," Foreign Ministry spokesperson Oleg Nikolenko tweeted. "Our specialists are already working on restoring the work of IT systems." READ MORE...

Hacking

Russia's FSB announces sting against members of REvil cybercrime gang

The Russian government said Friday that it raided multiple addresses tied to members of the REvil ransomware gang, making arrests and seizing hard cash, cryptocurrency, computers and cars. The Federal Security Service, or FSB, said it executed the sting at locations in Moscow, St. Petersburg and elsewhere. The operation came at the request of the United States, the FSB said. The FBI did not immediately respond Friday morning to requests for comment. READ MORE...


North Korean Hackers Stole $400 Million Worth of Cryptocurrency in 2021

The most well-known APT operating on behalf of the North Korean government and active for more than a decade, Lazarus is believed to have been involved in multiple high-profile attacks, including the $81 million cyber theft from the central bank of Bangladesh in 2016, and the WannaCry attack. Starting in 2018, Lazarus conducted multiple cryptocurrency heists to generate revenue in support of North Korea's military programs. READ MORE...

Software Updates

Microsoft Yanks Buggy Windows Server Updates

Microsoft has yanked the Windows Server updates it issued on Patch Tuesday after admins found that the updates had critical bugs that break three things: They trigger spontaneous boot loops on Windows servers that act as domain controllers, break Hyper-V and render ReFS volume systems unavailable. The shattering of Windows was first reported by BornCity on Tuesday, as in, on the same day that Microsoft released a mega-dump of 97 security updates in its January 2022 Patch Tuesday update. READ MORE...

Exploits/Vulnerabilities

Three Plugins with Same Bug Put 84K WordPress Sites at Risk

Researchers have discovered three WordPress plug-ins with the same vulnerability that allows an attacker to update arbitrary site options on a vulnerable site and completely take it over. Exploiting the flaw does require some action from the site administrator, however. On Nov. 5, 2021, the Wordfence Threat Intelligence team started a process to disclose a vulnerability researchers had found in "Login/Signup Popup," a WordPress plug-in installed on more than 20,000 sites. READ MORE...

On This Date

  • ...in 1784, the Continental Congress ratifies the Second Treaty of Paris, ending the Revolutionary War.
  • ...in 1952, NBC's "Today" debuts with host Dave Garroway.
  • ...in 1969, musician Dave Grohl (Nirvana, Foo Fighters) is born in Warren, OH.
  • ...in 1973, Elvis Presley's "Aloha from Hawaii" concert is broadcast live via satellite. It still holds the record as the most-watched TV broadcast by a single entertainer.