IT Security Newsletter - 10/20/2023
Europol knocks RagnarLocker offline in second major ransomware bust this year
Law enforcement agencies have taken over RagnarLocker ransomware group's leak site in an internationally coordinated takedown. Among the agencies involved are Europol's European Cybercrime Centre (EC3), the US's Federal Bureau of Investigation (FBI), and Germany's Bundeskriminalamt (BKA), among many others. The takedown follows a concerted effort from law enforcement in recent years to shutter ransomware groups as their success continues to exceed previous records. READ MORE...
Millions of new 23andMe genetic data profiles leak on cybercrime forum
Golem, the hacker who leaked the data of one million Ashkenazi Jews from the 23andMe ancestry service earlier this month has now released 4.1 million more genetic data profiles. This time the hacker, who is known by the online handle "Golem," has published a new dataset containing details of what they claim are "the wealthiest people living in the US and Western Europe" on the cybercrime forum BreachForums. READ MORE...
Iranian Hackers Lurked for 8 Months in Government Network
Iran-linked hacking group Crambus spent eight months inside a compromised network of a Middle Eastern government, Broadcom's Symantec cybersecurity unit reports. Symantec uses the Crambus name for clusters of activity that other cybersecurity firms are tracking as APT34 (also known as Cobalt Gypsy, OilRig, and Helix Kitten), and MuddyWater (aka Mango Sandstorm, Mercury, Seedworm, and Static Kitten). READ MORE...
North Korean hackers are targeting software developers and impersonating IT workers
State-sponsored North Korean hackers have significantly intensified their focus on the IT sector in recent years, by infiltrating firms developing software and companies looking for IT workers. Microsoft has outlined on Wednesday how North Korea-backed hacking groups Lazarus (Diamond Sleet) and Andariel (Onyx Sleet) have been exploiting a critical authentication bypass vulnerability in JetBrains TeamCity server to breach target systems and establish persistent access to compromised hosts. READ MORE...
Researchers uncover DarkGate malware's Vietnamese connection
WithSecure researchers have tracked attacks using DarkGate malware to an active cluster of cybercriminals operating out of Vietnam. DarkGate is a remote access trojan (RAT) that has been used in attacks since at least 2018 and is currently available to cybercriminals as Malware-as-a-Service (MaaS). It has a diverse user base and a variety of capabilities. It has been observed in information stealing, cryptojacking, and ransomware campaigns. READ MORE...
BlackCat ransomware uses new 'Munchkin' Linux VM in stealthy attacks
The BlackCat/ALPHV ransomware operation has begun to use a new tool named 'Munchkin' that utilizes virtual machines to deploy encryptors on network devices stealthily. Munchkin enables BlackCat to run on remote systems or encrypt remote Server Message Block (SMB) or Common Internet File (CIFS) network shares. The introduction of Munchkin to BlackCat's already extensive and advanced arsenal makes the RaaS more attractive to cybercriminals seeking to become ransomware affiliates. READ MORE...
The latest high-severity Citrix vulnerability under attack isn't easy to fix
A critical vulnerability that hackers have exploited since August, which allows them to bypass multifactor authentication in Citrix networking hardware, has received a patch from the manufacturer. Unfortunately, applying it isn't enough to protect affected systems. The vulnerability, tracked as CVE-2023-4966 and carrying a severity rating of 9.8 out of a possible 10, resides in the NetScaler Application Delivery Controller and NetScaler Gateway. READ MORE...
- ...in 1818, The United States and Britain establish the 49th Parallel as the boundary between Canada and the United States.
- ...in 1870, The Summer Palace in Beijing, China, is burnt to the ground by a Franco-British expeditionary force.
- ...in 1944, U.S. troops land on Leyte in the Philippines, keeping General MacArthur's pledge "I shall return."
- ...in 1968, Jacqueline Kennedy marries Aristotle Onassis.