IT Security Newsletter - 10/18/2022
Ex-WSJ reporter says he was framed in elaborate 'hack-and-smear' operation
A former Wall Street Journal reporter has sued a multinational law firm, some of its attorneys, and others for allegedly stealing his emails and spreading the messages to wrongly discredit him, leading to his firing. In court documents, Jay Solomon, who was the newspaper's chief foreign affairs correspondent until he was axed in 2017, accused 11 defendants including Philadelphia-based law firm Dechert of costing him his job and damaging his reputation. READ MORE...
Keystone Health Data Breach Impacts 235,000 Patients
Pennsylvania healthcare provider Keystone Health has started informing patients of a data breach potentially impacting their personal information. In a data breach notification published on its website, Keystone is disclosing a cybersecurity incident that was identified on August 19 and resulted in the disruption of some systems. The healthcare provider says it immediately launched an investigation into the incident, which discovered that certain patient information might have been compromised. READ MORE...
Ransomware attack halts circulation of some German newspapers
German newspaper 'Heilbronn Stimme' published today's 28-page issue in e-paper form after a Friday ransomware attack crippled its printing systems. On Saturday, the newspaper issued an "emergency" six-page edition while all planned obituaries were posted on the website. Phone and email communication remained offline during the weekend. The regional publication has a circulation of about 75,000 copies, but due to printing issues has temporarily lifted the paywall from its website. READ MORE...
Hackers compromised Hong Kong govt agency network for a year
Researchers at Symantec have uncovered cyberattacks attributed to the China-linked espionage actor APT41 (a.k.a. Winnti) that breached government agencies in Hong Kong and remained undetected for a year in some cases. The threat actor has been using custom malware called Spyder Loader, which has been previously attributed to the group. In May 2022, researchers at Cybereason discovered 'Operation CuckooBees', which had been underway since 2019. READ MORE...
Venus Ransomware targets publicly exposed Remote Desktop services
Threat actors behind the relatively new Venus Ransomware are hacking into publicly exposed Remote Desktop services to encrypt Windows devices. Venus Ransomware appears to have begun operating in the middle of August 2022 and has since encrypted victims worldwide. Another ransomware has been using the same encrypted file extension since 2021, but it is unclear whether the two are related. READ MORE...
New 'Prestige' Ransomware Targets Transportation Industry in Ukraine, Poland
A new ransomware family has been observed targeting transportation and related logistics organizations in Ukraine and Poland, Microsoft warns. Initially observed last week, the activity surrounding the new malware family, which labels itself Prestige, does not appear to be connected with any of the ransomware or threat groups that Microsoft currently tracks, and is currently referred to as DEV-0960. READ MORE...
Fine for Shein! Fashion site hit with $1.9 million bill after lying about data breach
The parent company of women's fashion site Shein has been fined $1.9 million after being accused of lying about the extent of a data breach and notifying "only a fraction" of affected customers. Four years ago we reported how Shein had suffered a hacker attack that saw the personal details of over six million customers exposed. At the time, Shein said that the names, email addresses, and "encrypted password credentials" of "approximately 6.42 million customers" had been stolen by hackers. READ MORE...
Police break up criminal ring that hacked keyless systems to steal cars
A car theft ring that used fraudulent software to "hack" and steal vehicles with remote keyless entry and ignition systems has been dismantled by the French National Gendarmerie, Europol announced on Monday. "The criminals targeted vehicles with keyless entry and start systems, exploiting the technology to get into the car and drive away," the EU law enforcement agency said. READ MORE...
Critical vulnerability surfaces in Apache Commons Text library
Security researchers are tracking a critical vulnerability in the Apache Commons Text library that could allow an attacker to achieve remote code execution. The library is mainly focused on algorithms that work on strings. It includes an API that allows for interpolation or substitution, and for properties to be dynamically evaluated and expanded. READ MORE...
- ...in 1851, Herman Melville's novel "Moby-Dick" is first published as "The Whale."
- ...in 1867, the Alaska territory is formally transferred to the U.S. from Russian control.
- ...in 1954, Texas Instruments announces the development of the first transistor radio.
- ...in 1967, the Soviet Venera 4 probe reaches Venus, becoming the first spacecraft to measure the atmosphere of another planet.