IT Security Newsletter - 1/26/2024

Breaches

23andMe data breach: Hackers stole raw genotype data, health reports

Genetic testing provider 23andMe confirmed that hackers stole health reports and raw genotype data of customers affected by a credential stuffing attack that went unnoticed for five months, from April 29 to September 27. The credentials used by the attackers to breach the customers' accounts were stolen in other data breaches or used on previously compromised online platforms. READ MORE...

Hacking

The life and times of Cozy Bear, the Russian hackers who just hit Microsoft and HPE

Hewlett Packard Enterprise (HPE) said Wednesday that Kremlin-backed actors hacked into the email accounts of its security personnel and other employees last May, and maintained surreptitious access until December. The disclosure was the second revelation of a major corporate network breach by the hacking group in five days. The hacking group that hit HPE is the same one that Microsoft said Friday broke into its corporate network in November and monitored email accounts of senior executives. READ MORE...


Pwn2Own Automotive: $1.3M for 49 zero-days, Tesla hacked twice

The first edition of Pwn2Own Automotive has ended with competitors earning $1,323,750 for hacking Tesla twice and demoing 49 zero-day bugs in multiple electric car systems between January 24 and January 26. Throughout the contest organized by Trend Micro's Zero Day Initiative (ZDI) in Tokyo, Japan, during the Automotive World auto conference, hackers targeted fully patched electric vehicle (EV) chargers, infotainment systems, and car operating systems. READ MORE...

Information Security

Longer passwords aren't safe from intensive cracking efforts

The report found that 31.1 million breached passwords had over 16 characters, showing longer passwords aren't safe from being cracked. 40,000 admin portal accounts were found to be using 'admin' as a password, and only 50% of organizations scan for compromised passwords more than once a month. 123456 was the most common compromised password in KrakenLab's new list of breached cloud application credentials. READ MORE...


Google Kubernetes Clusters Suffer Widespread Exposure to External Attackers

The authentication mechanism within the Google Kubernetes Engine (GKE) has a loophole that could allow an external attacker with any Google account to access organizations' private Kubernetes container clusters, researchers have found. This could lead to serious cloud security incidents, such as cryptomining, denial-of-service (DoS), and the theft of sensitive data, Orca Security warned. READ MORE...


Critical Cisco Unified Communications RCE Bug Allows Root Access

A critical security vulnerability in Cisco Unified Communications and Contact Center Solutions (UC/CC) could allow unauthenticated remote code execution (RCE). The bug (CVE-2024-20253, 9.9 CVSS) arises thanks to "improper processing of user-provided data that is being read into memory," according to Cisco's advisory, issued yesterday. Remote attackers who are not logged onto the system can simply send specially crafted messages to a vulnerable device's listening port in order to achieve RCE. READ MORE...

Exploits/Vulnerabilities

Critical Jenkins Vulnerability Leads to Remote Code Execution

A critical vulnerability in the built-in command line interface (CLI) of Jenkins allows attackers to obtain cryptographic keys that can be used to execute arbitrary code remotely. The issue, tracked as CVE-2024-23897, impacts Jenkins 2.441 and earlier and LTS 2.426.2 and earlier, because the command parser (the args4j library) has a feature where an '@' character followed by a file path in an argument is replaced with the file's content. READ MORE...


Westermo Switch Vulnerabilities Can Facilitate Attacks on Industrial Organizations

The US security agency CISA this week informed organizations that some Westermo Lynx industrial switches are affected by several vulnerabilities, and the researchers who found the flaws said they can be exploited to tamper with a device. According to CISA's advisory, Lynx 206-F2G industrial Ethernet switches are affected by eight vulnerabilities, including two high-severity and six medium-severity issues. READ MORE...

On This Date

  • ...in 1925, film actor, director, and charitable entrepreneur Paul Newman ("Cool Hand Luke", "The Sting") is born in Shaker Heights, OH.
  • ...in 1961, NHL leading scorer Wayne Gretzky -- "The Great One" -- is born in Brantford, Ontario.
  • ...in 1978, the Great Blizzard of '78 arrives with 100 mph winds, burying Ohio and much of the Midwest in up to 36" of snow.
  • ...in 1992, Russian President Boris Yeltsin announces that Russia will stop targeting US cities with nuclear weapons.