<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 1/4/2023

SHARE

Top News

Wabtec Says Personal Information Compromised in Ransomware Attack

Rail systems and locomotive manufacturer Wabtec has started sending notification letters to individuals whose personal information was stolen in a ransomware attack last year. The US-based firm provides railway equipment, systems, and services worldwide and has offices in the Americas, Australia, and Europe. The company has roughly 27,000 employees. In a data breach notice, Wabtec says branches in the US, Canada, UK, and Brazil were impacted by the cyberattack. READ MORE...

Breaches

Rackspace identifies ransomware threat actor behind December attack via Exchange

Rackspace Technology has confirmed the threat actor known as Play was behind the ransomware attack that disrupted email access for its Hosted Exchange customers in early December. The threat actor was identified following a forensic investigation led by CrowdStrike, the FBI and other experts, Rackspace told Cybersecurity Dive Monday. Karen O'Reilly-Smith, chief security officer at Rackspace, said the attack was linked to a zero-day exploit associated with CVE-2022-41080. READ MORE...


Raspberry Robin Worm Hatches a Highly Complex Upgrade

Hacking groups are using a new version of the Raspberry Robin framework to attack Spanish and Portuguese-language based financial institutions - and it's complexity quotient has been significantly upgraded, researchers said this week. According to a Jan. 2 report from cybersecurity firm Security Joes, the group has used the same QNAP server for several rounds of attacks - but victim data is no longer in plaintext but rather RC4-encrypted, and the downloader mechanism has been updated. READ MORE...


Data of over 200 million Deezer users stolen, leaks on hacking forum

Music-streaming service Deezer has owned up to a data breach, after hackers managed to steal the data of over 200 million of its users. According to RestorePrivacy which first reported on the breach, the hacker released a sample 5 million stolen records on a well-known hacking forum, claiming to have a 60GB stash of stolen data, including 228 million email addresses. READ MORE...

Hacking

Hacker Selling Data Allegedly Stolen From Volvo Cars Following Ransomware Attack

A hacker is offering to sell data allegedly stolen from Swedish vehicle manufacturer Volvo Cars following a ransomware attack carried out in late December. The data was put up for sale on a public hacker forum on December 31. The seller claims Volvo Cars was the target of a new ransomware operation called Endurance, which emerged in November 2022, when its operators claimed to have obtained data associated with many US government agencies. READ MORE...

Software Updates

Synology fixes maximum severity vulnerability in VPN routers

Taiwan-based NAS maker Synology has addressed a maximum (10/10) severity vulnerability affecting routers configured to run as VPN servers. The vulnerability, tracked as CVE-2022-43931, was discovered internally by Synology's Product Security Incident Response Team (PSIRT) in the VPN Plus Server software and was given a maximum CVSS3 Base Score of 10 by the company. READ MORE...

Malware

WordPress Sites Under Attack from Newly Found Linux Trojan

A newly identified Trojan backdoor program exploits some 30 vulnerabilities in WordPress plug-ins and themes in order to breach websites based on the WordPress content management system. It only needs to abuse one of those flaws to execute an attack. Researchers from Doctor Web said sites running outdated or unpatched versions of these WordPress tools are at risk of harboring malicious JavaScripts that redirect site visitors to nefarious websites, and should update those programs ASAP. READ MORE...

Exploits/Vulnerabilities

Over 60,000 Exchange servers vulnerable to ProxyNotShell attacks

More than 60,000 Microsoft Exchange servers exposed online are yet to be patched against the CVE-2022-41082 remote code execution (RCE) vulnerability, one of the two security flaws targeted by ProxyNotShell exploits. According to a recent tweet from security researchers at the Shadowserver Foundation, almost 70,000 Microsoft Exchange servers were found to be vulnerable to ProxyNotShell attacks according to version information. READ MORE...

On This Date

  • ...in 1853, Solomon Northup regains his freedom after being kidnapped and sold into slavery. His memoir "Twelve Years a Slave" became an Best Picture Oscar-winning film in 2013.
  • ...in 1936, Billboard Magazine publishes its first pop music charts.
  • ...in 2004, the NASA Spirit rover successfully lands on Mars.
  • ...in 2016, IUPAC and IUPAP announced the discovery of four new elements, completing the 7th row of the periodic table.