IT Security Newsletter

IT Security Newsletter - 1/2/2020

Written by Cadre | Thu, Jan 2, 2020

Microsoft seizes 50 websites used by North Korean hackers to gather intelligence

Microsoft has taken hold of 50 websites used by suspected North Korean hackers to bolster attempted hacks against government employees, universities and nuclear organizations, among other targets. The company announced Monday it won a court order allowing it to take over 50 websites that a hacking group Microsoft refers to as Thallium (also known as APT37, or Reaper) has used as part of a campaign to steal sensitive data. Thallium would send phishing emails which directed would-be victims to malicious websites, where they would be prompted to enter their username and password. A successful effort would provide Thallium access to victimized account data including messages, contact lists and appointments.

Special Olympics New York Hacked to Send Phishing Emails

Special Olympics of New York, a nonprofit organization focused on competitive athletes with intellectual disabilities, had its email server hacked around this year's Christmas holiday and later used to launch a phishing campaign against previous donors. Special Olympics NY provides sports training and athletic competition to more than 67,000 children and adults with intellectual disabilities across New York State (66,835 registered athletes and unified partners according to this fact sheet).