<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 10/10/2019

SHARE

Breaches_ITSEC-1

Phishing Incident Exposes Medical, Personal Info of 60K Patients

Community-based healthcare system Methodist Hospitals from Gary, Indiana, disclosed that sensitive personal and medical information for 68,039 individuals may have been exposed following a successful phishing attack against two of its employees. Methodist provides surgical and medical hospital services, it employs 2,576 individuals, and it reported a total number of 195,055 patient encounters during 2018 according to last year's annual report.


Breach at e-commerce provider gave hackers an entry to Sesame Street

The Sesame Street Live Store, where fans of the children’s show buy merchandise, is one of more than 6,500 websites that security researchers say may be compromised by payment skimmers after an apparent incident at an e-commerce platform. A breach at Volusion, which provides cloud infrastructure for online stores, made it possible for thieves to insert malicious code on to many of the sites partnered with the platform.

Hacking_ITSEC

Apple iTunes Bug Actively Exploited in BitPaymer/iEncrypt Campaign

Bad actors are actively targeting a vulnerability in the Windows version of Apple iTunes to deliver BitPaymer/iEncrypt ransomware. It’s a new attack pattern that is difficult to detect, security researchers revealed Thursday. Researchers from Morphisec Labs in August identified the abuse of the flaw, which exists in the Bonjour updater that comes packaged with iTunes for Windows, to deliver ransomware in an attack on an unidentified enterprise in the automotive industry.

Software_ITSEC

SAP Patches Critical Vulnerabilities With October 2019 Security Updates

SAP this week released seven new security notes as part of the October 2019 Security Patch Day, with two of these notes rated Hot News (Critical). This month’s set of patches also includes two security notes released after the second Tuesday of last month but before this Tuesday, along with one update for a previously released patch, totalling 10 security notes.


Critical command execution vulnerability in iTerm2 patched, upgrade ASAP!

A critical vulnerability (CVE-2019-9535) in iTerm2, a macOS terminal emulator frequently used by developers and system administrators, could allow attackers to take control of a target system. “An attacker who can produce output to the terminal can, in many cases, execute commands on the user’s computer,” Mozilla explained. The vulnerability is in the tmux integration feature of iTerm2 and has been present for at least seven years.

Malware_ITSEC

 How to protect against stalkerware, a murky but dangerous mobile threat

Last week, we pledged that—in honor of National Cybersecurity Awareness and Domestic Violence Awareness months—we would continue the fight against the online scourge known as stalkerware, or applications used to track and spy on victims without their knowing consent. We told readers that, despite working to protect against stalkerware programs for more than five years, it was time to take our efforts to the next level by spreading awareness of stalkerware and its dangers.

Exploits_ITSEC

Gamers Warned of High-Severity Intel, Nvidia Flaws

Chip giants Intel and Nvidia have stomped out high-severity flaws in two popular products, both commonly used by gamers. Impacted are the Nvidia Shield TV and Intel NUC (short for Next Unit of Computing) mini-PC kit. Nvidia Shield TV is a media streaming box (powered by Nvidia’s Tegra X1 system-on-chip) that runs on the Android operating system and can be used for gaming and media streaming.


New Microsoft NTLM Flaws May Allow Full Domain Compromise

Two security vulnerabilities in Microsoft's NTLM authentication protocol allow attackers to bypass the MIC (Message Integrity Code) protection and downgrade NTLM security features leading to full domain compromise. Microsoft patched the two NTLM flaws and issued security advisories as part of the Patch Tuesday security updates issued yesterday after Preempt’s disclosure.


Cisco Finds 11 Vulnerabilities in Schneider Electric Modicon Controllers

Researchers at Cisco Talos have discovered nearly a dozen vulnerabilities in some of Schneider Electric’s Modicon programmable logic controllers (PLCs). There are a total of 11 security holes affecting Modicon M580, M340, BMENOC 0311, BMENOC 0321, Quantum (no longer supported), Premium, and Modicon BMxCRA and 140CRA modules. The M580 PLC, which is the newest Modicon controller, is the only one affected by all the vulnerabilities, while the rest are impacted by 2-8 flaws.