IT Security Newsletter - 10/18/2023
D-Link confirms data breach after employee phishing attack
Taiwanese networking equipment manufacturer D-Link confirmed a data breach linked to information stolen from its network and put up for sale on BreachForums earlier this month. The attacker claims to have stolen source code for D-Link's D-View network management software, along with millions of entries containing personal information of customers and employees, including details on the company's CEO. READ MORE...
CIA exposed to potential intelligence interception due to X's URL bug
An ethical hacker has exploited a bug in the way X truncates URLs to take over a CIA Telegram channel used to receive intelligence. Kevin McSheehan, who uses the online handle "Pad," spotted the issue after hovering over the link to the CIA's Telegram channel displayed on its X social media profile. After the CIA updated its profile at some point after September 27, the Telegram link shortened, cutting off part of the full username, allowing McSheehan to register the new, unregistered handle. READ MORE...
'Etherhiding' Blockchain Technique Masks Malicious Code in WordPress Sites
A threat actor has been abusing proprietary blockchain technology to hide malicious code in a campaign that uses fake browser updates to spread various malware, including the infostealers RedLine, Amadey, and Lumma. While abuse of blockchain is typically seen in attacks aimed at stealing cryptocurrency - as the security technology is best known for protecting these transactions - EtherHiding demonstrates how attackers can leverage it for other types of malicious activity. READ MORE...
US data compromises hit all-time high
Data breaches resulting in compromised personally identifiable information in the U.S. are at an all-time high this year, squashing a record set in 2021 with the final three months of the year yet to be recorded, according to Identity Theft Resource Center's research released last week. More than 2,100 organizations filed data breach notices through the first nine months of 2023, beating the previous record of 1,862 data compromises in 2021, ITRC found. READ MORE...
Oracle Patches 185 Vulnerabilities With October 2023 CPU
Oracle on Tuesday announced the release of 387 new security patches as part of the October 2023 CPU, to resolve vulnerabilities affecting its own code and third-party components. More than 40 security patches address critical-severity flaws and more than 200 resolve bugs that can be exploited remotely without authentication, Oracle's advisory reveals. READ MORE...
Tech CEO Sentenced to 5 Years in IP Address Scheme
Amir Golestan, the 40-year-old CEO of the Charleston, S.C.-based technology company Micfo LLC, has been sentenced to five years in prison for wire fraud. Golestan's sentencing comes nearly two years after he pleaded guilty to using an elaborate network of phony companies to secure more than 735,000 Internet Protocol (IP) addresses from the American Registry for Internet Numbers (ARIN), the nonprofit which oversees IP addresses assigned to entities in the U.S., Canada, and parts of the Caribbean. READ MORE...
Over 40,000 admin portal accounts use 'admin' as a password
Security researchers found that IT administrators are using tens of thousands of weak passwords to protect access to portals, leaving the door open to cyberattacks on enterprise networks. Out of more than 1.8 million administrator credentials analyzed, over 40,000 entries were "admin," showing that the default password is widely accepted by IT administrators. READ MORE...
Tens of Thousands of Cisco Devices Hacked via Zero-Day Vulnerability
Tens of thousands of Cisco devices have reportedly been hacked through the exploitation of the newly disclosed IOS XE zero-day vulnerability tracked as CVE-2023-20198. Cisco warned customers on Monday that a critical IOS XE zero-day has been exploited by threat actors to gain elevated privileges on devices. The company is working on a patch and in the meantime it has urged customers to implement mitigations. READ MORE...
Recent NetScaler Vulnerability Exploited as Zero-Day Since August
A recently patched critical-severity vulnerability in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway had been exploited as a zero-day since August, Google's Mandiant cybersecurity unit reports. The issue, tracked as CVE-2023-4966 (CVSS score of 9.4), can be exploited without authentication to leak sensitive information from on-prem appliances that are configured as a Gateway or an AAA virtual server. READ MORE...
- ...in 1851, Herman Melville's novel "Moby-Dick" is first published as "The Whale."
- ...in 1867, the Alaska territory is formally transferred to the U.S. from Russian control.
- ...in 1954, Texas Instruments announces the development of the first transistor radio.
- ...in 1967, the Soviet Venera 4 probe reaches Venus, becoming the first spacecraft to measure the atmosphere of another planet.