IT Security Newsletter

IT Security Newsletter - 1/25/2024

Written by Cadre | Thu, Jan 25, 2024

HPE Says Russian Government Hackers Had Access to Emails for 6 Months

Hewlett Packard Enterprise (HPE) revealed in an SEC filing on Wednesday that its cloud email environment was targeted by hackers believed to be sponsored by the Russian government. The company said it was notified on December 12 that a threat group identified as Midnight Blizzard and Cozy Bear had hacked into its cloud-based email environment. HPE said it kicked out the attackers, but its investigation revealed that the threat actor gained access to its systems and started exfiltrating data in May 2023. READ MORE...

Jason's Deli Accounts Compromised by Credential Stuffing

Texas-based soup and sandwich slinger Jason's Deli is alerting members of its Deli Dollars rewards program that their personal data was potentially exposed in a credential-stuffing attack. The accounts were compromised with genuine logins gathered from the Dark Web from previous breaches of other systems, according to Jason's Deli's filing with the Maine Attorney General's office, potentially impacting more than 344,000 customers. READ MORE...

EquiLend drags systems offline after admitting attacker broke in

US securities lender EquiLend has pulled a number of its systems offline after a security "incident" in which an attacker gained "unauthorized access". It may take "several days" to bring systems back up, the company confirmed in a statement. EquiLend first spotted the attack on January 22 and a statement by the Wall Street staple confirmed there was unauthorized access to part of its infrastructure. READ MORE...

US data compromises surged to record high in 2023

Data compromises were more abundant and organizations were less forthright about the root cause of cyberattacks throughout 2023, according to the Identity Theft Resource Center's annual data breach report. The number of data compromises reported in the U.S. last year jumped 78% to a record high of 3,205 incidents, the non-profit organization said Thursday. These compromises ultimately impacted more than 353 million victims, including individuals affected multiple times. READ MORE...

Patch now! Fortra GoAnywhere MFT vulnerability exploit available

On January 22, 2024, software company Fortra warned customers about a new authentication bypass vulnerability impacting GoAnywhere MFT (Managed File Transfer) that allows an attacker to create a new admin user. Fortra GoAnywhere MFT is a file transfer solution that organizations use to exchange their data. Some of the organizations that use GoAnywhere MFT are considered vital infrastructure such as local governments, financial companies, healthcare organizations, energy firms, and technology manufacturers. READ MORE...

Thousands of GitLab Instances Unpatched Against Critical Password Reset Bug

More than 5,000 GitLab servers remain unpatched against a critical vulnerability allowing attackers to hijack the password reset process. Tracked as CVE-2023-7028 (CVSS score of 10), the issue allows attackers to have password reset messages sent to unverified email addresses under their control, potentially leading to account takeover. The flaw was introduced in GitLab 16.1.0, when a new option was added to allow users to have password reset messages sent to a secondary email address. READ MORE...

Cisco warns of critical RCE flaw in communications software

Cisco is warning that several of its Unified Communications Manager (CM) and Contact Center Solutions products are vulnerable to a critical severity remote code execution security issue. Cisco's Unified Communications and Contact Center Solutions are integrated solutions that provide enterprise-level voice, video, and messaging services, as well as customer engagement and management. READ MORE...

Hackers target WordPress database plugin active on 1 million sites

Malicious activity targeting a critical severity flaw in the 'Better Search Replace' WordPress plugin has been detected, with researchers observing thousands of attempts in the past 24 hours. Better Search Replace is a WordPress plugin with more than one million installations that helps with search and replace operations in databases when moving websites to new domains or servers. READ MORE...

Did an AI write that hour-long "George Carlin" special? I'm not convinced.

If you've paid any attention to the intersection of AI and culture this month, you've probably stumbled across a video billed as a "comedy AI" doing a 60-minute impression of a stand-up routine by the late, great George Carlin. Even if you didn't watch "George Carlin: I'm Glad I'm Dead," you probably stumbled on some of the many, many headlines suggesting that AI had brought the legendary comedian "back from the dead" in some sense. READ MORE...

New Hampshire robocall kicks off era of AI-enabled election disinformation

Late in the afternoon on Sunday, Jan. 21, Kathy Sullivan received a text from a family member who said they had received a call from Sullivan or her husband and were following up. The treasurer of a super PAC running a write-in campaign for President Joe Biden in the New Hampshire primary election, Sullivan was busy with tasks ahead of an election only two days away. She dismissed the text and assumed the friend had been called by accident. READ MORE...

  • ...in 1890, pioneering journalist and adventurer Nellie Bly completes her around-the-world journey in only 72 days.
  • ...in 1925, the first Winter Olympics open in Chamonix, France.
  • ...in 1961, President John F. Kennedy becomes the first U.S. president to hold a live televised news conference.
  • ...in 1981, multi-award winning singer/songwriter Alicia Keys (born Alicia Augello Cook) is born in New York City.
  • ...in 2004, NASA rover Opportunity touches down on Mars. It will exceed its planned three-month lifespan by more than 14 years, finally shutting down in June 2018.