
IT Security Newsletter - 1/28/2022

Top News

FBI Warns of Hacker Attacks Conducted by Iranian Cyber Firm

The FBI this week issued a private industry notification to warn organizations about the malicious activities conducted by an Iranian cyber company named Emennet Pasargad. The agency has described the company's tactics, techniques and procedures (TTPs) and has shared several recommendations for preventing and detecting attacks. In November 2021, the U.S. Treasury Department announced sanctions against six Iranian nationals and a company involved in a campaign whose goal was to influence the 2020 presidential election.

Hacking

Lazarus hackers use Windows Update to deploy malware

North Korean-backed hacking group Lazarus has added the Windows Update client to its list of living-off-the-land binaries (LoLBins) and is now actively using it to execute malicious code on Windows systems. The new malware deployment method was discovered by the Malwarebytes Threat Intelligence team while analyzing a January spearphishing campaign impersonating the American security and aerospace company Lockheed Martin.

Software Updates

QNAP force-installs update after DeadBolt ransomware hits 3,600 devices

QNAP force-updated customers' Network Attached Storage (NAS) devices with firmware containing the latest security updates to protect against the DeadBolt ransomware, which has already encrypted over 3,600 devices. On Tuesday, BleepingComputer reported on a new ransomware operation named DeadBolt that was encrypting Internet-exposed QNAP NAS devices worldwide.


Xerox Quietly Patched Device-Bricking Flaw Affecting Some Printers

Xerox patched a device-bricking vulnerability in certain printer models more than a year and a half ago, but said nothing until this week, when information on the bug became public. The security defect - now tracked as CVE-2022-23968 - was reported to Xerox in September 2019. In January 2020, the vendor had confirmed impact on at least one series of printer models, but said nothing else of the bug for two more years.

Malware

2FA app with 10,000 Google Play downloads loaded well-known banking trojan

A fake two-factor-authentication app that has been downloaded some 10,000 times from Google Play surreptitiously installed a known banking-fraud trojan that scoured infected phones for financial data and other personal information, security firm Pradeo said. 2FA Authenticator went live on Google Play two weeks ago, posing as an alternative to legitimate 2FA apps from Google, Twilio, and other trusted companies.


Finnish diplomats' phones infected with NSO Group Pegasus spyware

Finland's Ministry for Foreign Affairs says devices of Finnish diplomats have been hacked and infected with NSO Group's Pegasus spyware in a cyber-espionage campaign. "Finnish diplomats have been targets of cyber espionage by means of the Pegasus spyware, developed by NSO Group Technologies, which has received wide publicity," the Ministry said in a statement published today.

On This Date

  • ...in 1936, actor/director Alan Alda ("M*A*S*H", "The West Wing") is born in New York City.
  • ...in 1956, Elvis Presley makes his first US television appearance on the Dorsey Brothers' "Stage Show" at the age of 21.
  • ...in 1958, the Lego company patents its toy building bricks. The original Lego set is still compatible with the bricks produced today.
  • ...in 1959, Vince Lombardi is hired as head coach of the Green Bay Packers.