IT Security Newsletter - 10/10/2022
Intel confirms leaked Alder Lake BIOS Source Code is authentic
Intel has confirmed that a source code leak for the UEFI BIOS of Alder Lake CPUs is authentic, raising cybersecurity concerns with researchers. Alder Lake is the name of Intel's 12th generation Intel Core processors, released in November 2021. On Friday, a Twitter user named 'freak' posted links to what was said to be the source code for Intel Alder Lake's UEFI firmware, which they claim was released by 4chan. READ MORE...
CommonSpirit's 'IT security incident' was likely cyberattack, security experts say
An "IT security incident" reported this week by CommonSpirit Health, one of the nation's largest health systems, is likely a cyberattack, security experts said. CommonSpirit announced on Tuesday that an unspecified security incident was affecting multiple regions and interrupting access to electronic health records. As a precautionary step, some systems were taken offline as a result of the incident, the system said. READ MORE...
Email Defenses Under Siege: Phishing Attacks Dramatically Improve
This week's report that cyberattackers are laser-focused on crafting attacks specialized to bypass Microsoft's default security showcases an alarming evolution in phishing tactics, security experts said this week. Threat actors are getting better at slipping phishing attacks through the weak spots in platform email defenses, using a variety of techniques, such as zero-point font obfuscation, hiding behind cloud-messaging services, and delaying payload activation, for instance. READ MORE...
Criminal multitool LilithBot arrives on malware-as-a-service scene
A Russia based threat group that set up a malware distribution shop earlier this year is behind a Swiss Army knife-like botnet that comes with a range of other malicious capabilities, from stealing information to mining cryptocurrency. That's according to researchers at Zscaler's ThreatLabz threat intelligence unit. It said the Eternity group - also known as EternityTeam and Eternity Project - is offering the multifunction LilithBot malware through a dedicated Telegram group. READ MORE...
Make your neighbor think their house is haunted by blinking their Ikea smart bulbs
A couple of vulnerabilities in Ikea smart lighting systems can be exploited to make lights annoyingly flicker for hours. While the pair of bugs won't top the list of security flaws Beijing-backed spies hope to exploit to steal government secrets or wreak havoc on high-value targets, the vulnerabilities could provide some mildly disruptive entertainment for, say, an annoying next-door neighbor looking for some spooky-month hi-jinx. READ MORE...
Unpatched Zimbra flaw under attack is letting hackers backdoor servers
An unpatched code-execution vulnerability in the Zimbra Collaboration software is under active exploitation by attackers using the attacks to backdoor servers. The attacks began no later than September 7, when a Zimbra customer reported a few days later that a server running the company's Amavis spam-filtering engine processed an email containing a malicious attachment. Within seconds, the scanner copied a malicious Java file to the server and then executed it. READ MORE...
Android vulnerabilities could allow arbitrary code execution
Several vulnerabilities have been patched in the Google Android operating system (OS), the most severe of which could allow for arbitrary code execution. None of the vulnerabilities have been spotted in the wild. Operating systems contain and manage all the programs and applications that a computer or mobile device is able to run. The Android OS was developed by Google for mobile devices like smartphones, tablets, smart watches, and more. READ MORE...
- ...in 1902, The Gibson Mandolin guitar company is formed. 50 years later, they would produce the Gibson Les Paul electric guitar.
- ...in 1917, jazz great Thelonious Monk ("Straight, No Chaser") is born in Rocky Mount, NC.
- ...in 1924, filmmaker Edward D. Wood, Jr., director of the infamous 1956 cult classic "Plan 9 From Outer Space" is born in Poughkeepsie, NY.
- ...in 1967, the Outer Space Treaty, prohibiting the militarization and nuclearization of space and all celestial bodies, comes into force after being signed by over 60 nations.
- ...in 1970, Black Sabbath reaches No.1 on the UK charts with their second album, 'Paranoid.'