IT Security Newsletter - 1/3/2024
First American Financial confirms threat actors stole and encrypted data
First American Financial said the threat actors behind a previously disclosed Dec. 20 cyberattack accessed and stole non-production systems company data, which was later encrypted, according to an amended 8-K filing on Friday with the Securities and Exchange Commission. First American said the incident is contained and the company is in the process of restoring access to its systems and resuming normal business operations, according to the filing. READ MORE...
Xerox Confirms Data Breach at US Subsidiary Following Ransomware Attack
Printing solutions giant Xerox over the weekend confirmed that its US-based subsidiary Xerox Business Solutions experienced a data breach. The incident, the company says, was limited to Xerox Business Solutions US and was contained by its cybersecurity team. While the attack did not affect Xerox's corporate systems and had no impact on the company's operations or data, the investigation launched into the matter determined that personal information was compromised. READ MORE...
Kroll reveals FTX customer info exposed in August data breach
Risk and financial advisory company Kroll has released additional details regarding the August data breach, which exposed the personal information of FTX bankruptcy claimants. Kroll said the exposed data included coin holdings and balances, which would allow threat actors to pinpoint attractive targets who invest heavily in the cryptocurrency markets. Just like in its August statement, Kroll advised all those affected by the incident to remain vigilant and take precautions to protect their accounts. READ MORE...
EasyPark discloses data breach that may impact millions of users
Parking app developer EasyPark has published a notice on its website warning of a data breach it discovered on December 10, 2023, which impacts an unknown number of its millions of users. EasyPark is a Swedish company that creates mobile and web apps that serve as parking space locators, booking managers, and EV charging point finders. The company operates digital parking services in 20 countries and over 4,000 cities, covering most of Europe, the United States, Australia, New Zealand, and the UK. READ MORE...
Israel Battles Spike in Wartime Hacktivist, OT Cyberattacks
For Israel, 2023 will be remembered as the beginning of the war in Gaza after the devastating Hamas terror attacks on Oct. 7. The conflict spread to the cyber realm, with hacktivists on both sides declaring their intentions to conduct cyberattacks. But the impact of the war also affected the cybersecurity industry directly when the Israeli military summoned around 360,000 reservists - roughly 4% of Israel's 9.8 million population - who left their regular jobs to join the military operation. READ MORE...
29 malware families target 1,800 banking apps worldwide
Mobile banking is outpacing online banking across all age groups due to its convenience and our desire to have those apps at our fingertips, according to Zimperium. However, this surge is accompanied by a dramatic growth in financial fraud. The research uncovered that 29 malware families targeted 1,800 banking applications across 61 countries last year. In comparison, the 2022 report uncovered 10 prolific malware families targeting 600 banking apps. READ MORE...
Vulnerabilities in Google Kubernetes Engine Could Allow Cluster Takeover
An attacker with access to a Kubernetes cluster could chain two vulnerabilities in Google Kubernetes Engine (GKE) to escalate privileges and take over the cluster, cybersecurity firm Palo Alto Networks reports. The issues, which may not pose a significant risk on their own, were identified in FluentBit, the default logging agent in GKE, and in Anthos Service Mesh (ASM), an optional add-on for controlling service-to-service communication within the environment. READ MORE...
34 years later, a 13-year-old hits the NES Tetris "kill screen"
For decades after its 1989 release, each of the hundreds of millions of standard NES Tetris games ended the same way: A block reaches the top of the screen and triggers a "game over" message. That 34-year streak was finally broken on December 21, 2023, when 13-year-old phenom BlueScuti became the first human to reach the game's "kill screen" after a 40-minute, 1,511-line performance, crashing the game by reaching its functional limits. READ MORE...
- ...in 1521, Pope Leo X excommunicates Martin Luther following the circulation of Luther's Ninety-five Theses.
- ...in 1870, the construction of the Brooklyn Bridge begins.
- ...in 1888, Marvin C. Stone patents the drinking straw.
- ...in 1892, English fantasy author and philologist J.R.R. Tolkien ("The Lord of the Rings") is born in Bloemfontein, South Africa.