<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter

Get the latest headlines, summaries, and security news!

IT Security Newsletter - 10/14/2021

Breaches

Hackers Claim to Have Stolen 60 GB of Data From Acer

A group of hackers claims to have stolen more than 60 gigabytes of data after breaching servers belonging to Taiwanese tech giant Acer. In a post on a publicly accessible hacker forum, a group calling itself "Desorden" claimed to have stolen databases and other files from breached Acer India servers. The hackers shared a link to a sample of the stolen data and they promised to leak more once they have analyzed it. They also published a video showing the files they allegedly stole from Acer. READ MORE...


Israeli Hospital Targeted in Ransomware Attack

An Israeli hospital was targeted Wednesday by a ransomware attack, officials said, with the state's cyber directorate calling it the first such attack on a hospital in the country. The Hillel Yaffe Medical Center is "currently using alternative systems to treat its patients", it said in a statement, describing the attack as "totally unexpected". "Medical treatment is continuing as usual, aside from non-urgent elective procedures," Hillel Yaffe said. READ MORE...

Hacking

Romance scammers exploit Apple's developer program to spread fake cryptocurrency apps

Fraudsters are using the promise of love to lure victims into downloading fake cryptocurrency trading apps and then stealing their funds, researchers at Sophos report. The ongoing campaign, which researchers have dubbed "CryptoRom," has targeted victims across Europe, the U.S. and Asia. In these scams, scammers use dating apps like Bumble, Tinder, and Grindr to build trust with a victim. They then move the conversation to a messaging app, where they ask victims to install a fake trading app. READ MORE...


State-sponsored Iranian hackers uploaded fake VPN app to Google's Play store, posed as university officials

Suspected government-backed hackers from Iran have used an array of techniques, from password theft to uploading a fake app to a prominent app marketplace, to try gathering intelligence from targets over the past year, Google said in a bulletin published Thursday. The espionage group APT35, also known as Charming Kitten, last year successfully uploaded to Google's Play Store an app that masqueraded as a virtual private network service, claiming the tool would safeguard user data. READ MORE...

Malware

MyKings botnet still active and making massive amounts of money

The MyKings botnet (aka Smominru or DarkCloud) is still actively spreading, making massive amounts of money in crypto, five years after it first appeared in the wild. Being one of the most analyzed botnets in recent history, MyKings is particularly interesting to researchers thanks to its vast infrastructure and versatile features, including bootkits, miners, droppers, clipboard stealers, and more. READ MORE...


FreakOut Botnet Turns DVRs Into Monero Cryptominers

Threat group FreakOut's Necro botnet has developed a new trick: infecting Visual Tools DVRs with a Monero miner. Juniper Threat Labs researchers have issued a report detailing new activities from FreakOut, also known as Necro Python and Python.IRCBot. In late September, the team noticed that the botnets started to target Visual Tools DVR VX16 4.2.28.0 models with cryptomining attacks. The devices are typically deployed as part of a professional-quality surveillance system. READ MORE...


OpenSea 'Free Gift' NFTs Drain Cryptowallet Balances

Users of OpenSea, the world's largest digital-collectible marketplace, have found their cryptocurrency wallets ripped off thanks to cyberattackers weaponizing security bugs that allowed them to highjack user accounts. The attacks revolved around boobytrapped art files, which circulated in the form of "free gifts." That's according to Check Point Research, whose researchers looked into a series of claims that cryptocurrency balances were going poof for both market shoppers and merchants. READ MORE...

Information Security

A Close Look at Russia's Ghostwriter Campaign

Russia's online disinformation efforts are vast and growing. While most of the US media's attention to date has focused on Moscow's efforts in the US elections, this overlooks an even more robust campaign that has been underway in Europe for quite some time. Known as "Ghostwriter," this espionage and disinformation operation has targeted several European countries, including Germany, Poland, Ukraine, and the Baltics (Estonia, Latvia, and Lithuania). READ MORE...

Exploits/Vulnerabilities

Microsoft confirms new Windows 11 printer installation issues

Microsoft has confirmed new Windows 11 known issues which cause printers installation fails on systems commonly found in enterprise environments. As Redmond explains, printer installation might fail when attempted over the network on devices that access printers via print server using HTTP connections. Installing printers might also not complete successfully via the Internet Printing Protocol (IPP) in organizations sharing an IPP printer using printer connections. READ MORE...

On This Date

  • ...in 1884, George Eastman receives a patent for his paper-strip photographic film.
  • ...in 1947, Charles "Chuck" Yeager becomes the first pilot to break the sound barrier, flying the experimental Bell X1 rocket plane.
  • ...in 1962, the Cuban Missile Crisis begins, when the American intelligence spots Soviet-made missiles capable of carrying nuclear warheads being installed in western Cuba.
  • ...in 2012, daredevil Felix Baumgartner successfully parachutes from a height of 24 miles, setting multiple world records for both altitude and free-fall velocity.