
IT Security Newsletter - 10/19/2023


Breaches

D-Link Says Hacker Exaggerated Data Breach Claims

D-Link has launched an investigation after a hacker offered to sell information allegedly stolen from one of its networks and has determined that the claims are exaggerated. On October 1, a user of the new BreachForums cybercrime website claimed they had breached the internal network of D-Link in Taiwan, which gave them access to a database storing the information of 3 million customers, as well as source code for the D-View network monitoring product. READ MORE...


Casio discloses data breach impacting customers in 149 countries

Japanese electronics manufacturer Casio disclosed a data breach impacting customers from 149 countries after hackers gained access to the servers of its ClassPad education platform. Casio detected the incident on Wednesday, October 11, following the failure of a ClassPad database within the company's development environment. Evidence suggests that the attacker accessed customers' personal information a day later, on October 12. READ MORE...

Hacking

North Korean Hackers Exploiting Recent TeamCity Vulnerability

Multiple North Korean threat actors have been observed exploiting a recent vulnerability in JetBrains' TeamCity continuous integration and continuous deployment (CI/CD) server, Microsoft warns. Tracked as CVE-2023-42793, the critical-severity flaw allows unauthenticated attackers to execute code remotely on vulnerable on-premises TeamCity instances and gain administrator-level permissions. READ MORE...


Russian hackers offered phony drone training to exploit WinRAR vulnerability

Russian military hackers used a vulnerability in a popular archiving tool as part of an espionage campaign that attempted to lure its targets with a fake invitation to a Ukrainian drone warfare school, researchers with Google's Threat Analysis Group said Wednesday. The phony invitation was just one example of several state-backed hacking groups exploiting a known vulnerability in WinRAR. READ MORE...

Trends

Plastic surgeries warned by the FBI that they are being targeted by cybercriminals

Plastic surgeries across the United States have been issued a warning that they are being targeted by cybercriminals in plots designed to steal sensitive data including patients' medical records and photographs that will be later used for extortion. The warning, which was issued by the FBI yesterday and is directed towards plastic surgery offices and patients, advises that extortionists have been using a multi-stage approach to maximise their criminal profits. READ MORE...

Malware

Google-hosted malvertising leads to fake Keepass site that looks genuine

Google has been caught hosting a malicious ad so convincing that there's a decent chance it has managed to trick some of the more security-savvy users who encountered it. Looking at the ad, which masquerades as a pitch for the open source password manager Keepass, there's no way to know that it's fake. It's on Google, after all, which claims to vet the ads it carries. Making the ruse all the more convincing, clicking on it leads to keepass[.]info, which appears to be the genuine Keepass site. READ MORE...

Information Security

The Fake Browser Update Scam Gets a Makeover

One of the oldest malware tricks in the book - hacked websites claiming visitors need to update their Web browser before they can view any content - has roared back to life in the past few months. New research shows the attackers behind one such scheme have developed an ingenious way of keeping their malware from being taken down by security experts or law enforcement: By hosting the malicious files on a decentralized, anonymous cryptocurrency blockchain. READ MORE...

Exploits/Vulnerabilities

Number of Cisco Devices Hacked via Unpatched Vulnerability Increases to 40,000

The number of Cisco devices hacked through the exploitation of an unpatched IOS XE vulnerability has reached approximately 40,000, according to multiple cybersecurity firms. The exploited vulnerability is CVE-2023-20198, a critical flaw affecting the IOS XE web interface that can be exploited by remote, unauthenticated attackers for privilege escalation. Cisco has yet to release patches and the company warned that the vulnerability has been exploited as a zero-day since at least mid-September. READ MORE...


There's a new way to flip bits in DRAM, and it works against the latest defenses

In 2015, researchers reported a surprising discovery that stoked industry-wide security concerns: an attack called RowHammer that could corrupt, modify, or steal sensitive data when a simple user-level application repeatedly accessed certain regions of DDR memory chips. In the coming years, memory chipmakers scrambled to develop defenses that prevented the attack, mainly by limiting the number of times programs could open and close the targeted chip regions in a given time. READ MORE...

On This Date

  • ...in 1789, John Jay is sworn in as the first Chief Justice of the United States.
  • ...in 1945, actor John Lithgow ("Terms of Endearment", "3rd Rock from the Sun") is born in Rochester, NY.
  • ...in 1962, professional boxer Evander Holyfield is born in Atmore, AL.
  • ...in 1987, stock markets around the world crashed in what became known as "Black Monday."