IT Security Newsletter - 1/31/2024

Top News

Feds Reportedly Try to Disrupt 'Volt Typhoon' Attack Infrastructure

The US government, in collaboration with private sector stakeholders, has been quietly working to disrupt the attack infrastructure of "Volt Typhoon," a dangerous China-linked threat group associated with numerous attacks targeted at US critical infrastructure since at least mid-2021. Reuters, citing multiple unnamed sources, on Jan. 30 reported the activity as involving attempts by the US to remotely disable aspects of the Chinese operation over the past few months. READ MORE...

Breaches

A mishandled GitHub token exposed Mercedes-Benz source code

A mishandled GitHub token gave unrestricted access to Mercedes-Benz's internal GitHub Enterprise Service, exposing source code to the public. Mercedes-Benz is a prestigious German car, bus, and truck maker recognized for its rich history of innovation, luxurious designs, and top build quality. Like many modern automakers, the brand uses software in its vehicles and services, including safety and control systems, infotainment, autonomous driving, diagnostic and maintenance tools, etc. READ MORE...


Cyberattack disrupts IT systems in Fulton County, Georgia

A cybersecurity incident in Fulton County, Georgia, which includes parts of Atlanta, is causing an IT outage affecting its phone, tax, and court management systems, the county government announced this week. Among the affected systems is Odyssey, a courts case management system from the Dallas software firm Tyler Technologies. The county's digital phone systems are also down. READ MORE...

Hacking

Two More Individuals Charged for DraftKings Hacking

Two more individuals have been indicted for their role in a credential stuffing attack resulting in unauthorized access to thousands of user accounts at a fantasy sports and betting website. The individuals, Nathan Austad, 19, of Farmington, Minnesota, and Kamerin Stokes, 21, of Memphis, Tennessee, allegedly participated in compromising the accounts using usernames and passwords obtained from other data breaches, and attempted to sell access to the accounts. READ MORE...


Canada's 'most prolific hacker' jailed for two years

A 33-year-old man has been sentenced to two years in prison after admitting his part in a series of ransomware and malware attacks that hit more than one thousand individuals, businesses, and organisations - including three police departments. Ottawa-based Matthew Philbert, who has been dubbed "Canada's most prolific hacker," typically launched attacks by sending malicious emails that posed as job applications, attaching a booby-trapped resume poisoned with malware. READ MORE...


SIM-swapping ring stole $400M in crypto from a US company, officials allege

The US may have uncovered the nation's largest "SIM swap" scheme yet, charging a Chicago man and co-conspirators with allegedly stealing $400 million in cryptocurrency by targeting over 50 victims in more than a dozen states, including one company. A recent indictment alleged that Robert Powell was the "head of a SIM swapping group" called the "Powell SIM Swapping Crew." He allegedly conspired to gain access to victims' devices and "carry out fraudulent SIM swap attacks." READ MORE...


Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

On Jan. 9, 2024, U.S. authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S. technology companies during the summer of 2022. READ MORE...

Malware

Ars Technica used in malware campaign with never-before-seen obfuscation

Ars Technica was recently used to serve second-stage malware in a campaign that used a never-before-seen attack chain to cleverly cover its tracks, researchers from security firm Mandiant reported Tuesday. A benign image of a pizza was uploaded to a third-party website and was then linked with a URL pasted into the "about" page of a registered Ars user. Buried in that URL was a string of characters that appeared to be random but were actually a payload. READ MORE...


Police disrupt Grandoreiro banking malware operation, make arrests

The Federal Police of Brazil and cybersecurity researchers have disrupted the Grandoreiro banking malware operation, which has been targeting Spanish-speaking countries with financial fraud since 2017. The operation was supported by ESET, Interpol, the National Police in Spain, and Caixa Bank, all providing critical data leading to identifying and arresting individuals controlling the malware's infrastructure. READ MORE...

Information Security

AI-generated code leads to security issues for most businesses: report

More than half of organizations encounter security issues with AI-generated code sometimes or frequently, according to Snyk's survey of more than 500 technology professionals in late 2023. Developers are interested in productivity gains from AI coding assistants, but businesses could run into problems if the growing use goes unchecked. Nearly 9 in 10 developers are concerned about the broader security implications of using AI coding tools, according to the data. READ MORE...

On This Date

  • ...in 1919, Baseball Hall of Fame second baseman Jackie Robinson, the first African American MLB player, is born in Cairo, GA.
  • ...in 1949, the first television daytime soap opera, "These Are My Children", is broadcast by NBC live from Chicago.
  • ...in 1960, comics writer Grant Morrison ("The Invisibles", "All-Star Superman") is born in Glasgow, Scotland.
  • ...in 2010, director James Cameron's "Avatar" becomes the first motion picture to gross over $2 billion worldwide.