IT Security Newsletter - 1/6/2022
More than 1.1 million online credentials found in NY AG credential stuffing investigation
A months-long investigation into credential stuffing attacks by the New York attorney general's office found credentials for more than 1.1 million online accounts at 17 major retailers, restaurant chains and food delivery services in internet forums, the agency announced Wednesday. Each of the unnamed companies was notified and took steps to protect impacted customers, the AG's office said in a statement accompanying a 15-page report on the investigation. READ MORE...
Chemicals Company Element Solutions Discloses Cybersecurity Incident
Florida-based specialty chemicals company Element Solutions on Wednesday revealed that it had experienced a cybersecurity incident. The company's solutions are used in manufacturing processes in sectors such as electronic circuitry, automotive systems, communication infrastructure, industrial surface finishing, offshore energy and consumer packaging. Element Solutions employs roughly 4,400 people and it has a presence in more than 50 countries. READ MORE...
Attackers Exploit Flaw in Google Docs' Comments Feature
Attackers are using the "Comments" feature of Google Docs to send malicious links in a phishing campaign targeted primarily at Outlook users, researchers have discovered. Researchers from email collaboration and security firm Avanan, a CheckPoint company, first observed "a new, massive wave of hackers leveraging the comment feature in Google Docs" in December, Avanan Cybersecurity Researcher/Analyst Jeremy Fuchs wrote in a report published Thursday. READ MORE...
'Elephant Beetle' Lurks for Months in Networks
Researchers have identified a threat group that's been quietly siphoning off millions of dollars from financial- and commerce-sector companies, spending months patiently studying their targets' financial systems and slipping in fraudulent transactions amongst regular activity. The Sygnia Incident Response team has been tracking the group, which it named Elephant Beetle, aka TG2003, for two years. READ MORE...
FBI warns about ongoing Google Voice authentication scams
The Federal Bureau of Investigation (FBI) says Americans who share their phone number online are being targeted by Google Voice authentication scams. As the federal law enforcement agency explains, the fraudsters are targeting those who have posted their phone number as a form of contact when trying to sell various items on online marketplaces or social media apps. READ MORE...
Honda, Acura cars hit by Y2K22 bug that rolls back clocks to 2002
Honda and Acura cars have been hit with a Year 2022 bug, aka Y2K22, that resets the navigation system's clock to January 1st, 2002, with no way to change it. Starting on January 1st, the date on Acura and Honda navigation system would automatically change to January 1st, 2002, with the time resetting to 12:00, 2:00, 4:00, or other times based on the model or possibly the region the car is located. READ MORE...
- ...in 1838, Samuel Morse first demonstrates the telegraph.
- ...in 1907, Maria Montessori opens her first school and daycare center in Rome, Italy.
- ...in 1912, German geophysicist Alfred Wegener first presents his theory of continental drift at a lecture in Frankfurt.
- ...in 1936, Porky Pig makes his world debut in a Warner Brothers cartoon, "Gold Diggers of '49."