
IT Security Newsletter - 10/11/2022

Top News

US Airports in Cyberattack Crosshairs for Pro-Russian Group Killnet

Hot on the heels of attacks against US state government websites, pro-Russian threat group Killnet on Monday disrupted the websites of multiple US airports in a series of distributed denial-of-service (DDoS) attacks. It also called on similarly aligned groups and individuals to carry out DDoS attacks on other US infrastructure targets, in what appears to be an escalation of a recent campaign protesting the US government's support for Ukraine in its war with Russia. READ MORE...

Breaches

Toyota Discloses Data Breach Impacting Source Code, Customer Email Addresses

Japanese car manufacturer Toyota has disclosed a security incident that involved source code hosted on GitHub and which may have resulted in unauthorized access to roughly 300,000 customer email addresses. The incident, the company says, impacts customers who have subscribed to the T-Connect website, a service and mobile application that provides users with car management features such as find my car, maintenance reminders, concierge services, and vehicle information. READ MORE...


State Bar of Georgia Confirms Data Breach Following Ransomware Attack

The State Bar of Georgia was hit by a ransomware attack earlier this year and the organization has now confirmed that member and employee information was compromised. The incident occurred in April 2022 and was disclosed in early May, when few details were shared by the organization. Roughly one month later, the bar revealed that the attack involved BitLocker ransomware, which encrypted tens of servers and workstations. READ MORE...


Optus data breach prompts pincer movement of twin regulatory probes

Australian carrier Optus's recent data breach will be investigated by two regulators, the double trouble likely an indicator of the nation's displeasure at the incident - which saw almost ten million locals' personal data exposed online. One of the probes will be conducted by the Australian Communications and Media Authority (ACMA), which will ponder "obligations relating to the acquisition, authentication, retention, disposal and protection of personal information." READ MORE...

Hacking

Caffeine service lets anyone launch Microsoft 365 phishing attacks

A phishing-as-a-service (PhaaS) platform named 'Caffeine' makes it easy for threat actors to launch attacks, featuring an open registration process allowing anyone to jump in and start their own phishing campaigns. Caffeine doesn't require invites or referrals, nor does it require wannabe threat actors to get approval from an admin on Telegram or a hacking forum. Due to this, it removes much of the friction that characterizes almost all platforms of this kind. READ MORE...

Software Updates

Mystery iPhone update patches against iOS 16 mail crash-attack

We use Apple's Mail app all day, every day for handling work and personal email, including a plentiful supply of very welcome Naked Security comments, questions, article ideas, typo reports, podcast suggestions and much more. But there must have been a serious problem brewing in the latest version of the app, because Apple just pushed out a one-bug security patch for iOS 16, taking the version number to iOS 16.0.3, and fixing a vulnerability specific to Mail. READ MORE...

Malware

Fake Solana Phantom security updates push crypto-stealing malware

Hackers are airdropping NFTs to Solana cryptocurrency owners pretending to be alerts for a new Phantom security update that lead to the installation of password-stealing malware and the theft of cryptocurrency wallets. This ongoing attack started two weeks ago, with NFTs titled 'PHANTOMUPDATE.COM' or 'UPDATEPHANTOM.COM' sent that claim to be warnings from the developers of Phantom. READ MORE...

Information Security

Lloyd's, after proactively taking systems offline, finds no evidence of compromise

Lloyd's of London will restore full network service by Wednesday after an investigation into a security incident last week found no evidence of compromise. "The investigation has concluded that no evidence of any compromise was found and as such Lloyd's has been advised that its network services can now be restored," a Lloyd's spokesperson said in an emailed statement to Cybersecurity Dive. READ MORE...

Exploits/Vulnerabilities

Fortinet Confirms Zero-Day Vulnerability Exploited in One Attack

Fortinet has confirmed that the critical vulnerability whose existence came to light last week is a zero-day flaw that has been exploited in at least one attack. The company privately informed some customers last week about the availability of patches and workarounds for an authentication bypass vulnerability exposing FortiOS and FortiProxy products to remote attacks. READ MORE...

On This Date

  • ...in 1964, comedian and former "Mystery Science Theater 3000" host Michael J. Nelson is born in St. Charles, IL.
  • ...in 1968, the first manned Apollo mission, Apollo 7, is launched from Cape Kennedy.
  • ...in 1975, the premiere episode of Saturday Night Live airs on NBC, hosted by George Carlin with musical guests Billy Preston and Janis Ian.
  • ...in 1987, the first public display of the AIDS Memorial Quilt is held on the National Mall in Washington, D.C.