IT Security Newsletter - 10/23/2020
Credential-Stuffing Attacks Plague Loyalty Programs
Loyalty programs that attract consumers with free coffee, gas, airline miles, hotel stays, and more if they spend enough with their preferred brands are under full-scale assault by cyberattackers. A new report out from Akamai this week shows cybercriminals are targeting rewards programs with impunity, reaping significant profits on the Dark Web by reselling account access, points, and other rewards fraudulently siphoned from loyalty accounts. Between July 2018 and June 2020, Akamai observed [...]
Destructive Malware Spotted in Recent Attacks Launched by Iranian Cyberspies
The Iran-linked cyber-espionage group known as Seedworm appears to have added a new downloader to its arsenal and to have started conducting destructive attacks, security researchers report. Also referred to as MuddyWater, MERCURY, and Static Kitten, the cyber-espionage group was initially analyzed in 2017. Seedworm shows a focus on targeting Middle Eastern organizations, or those in nearby regions. The threat actor is highly active and is known for the use of a broad and varied toolset.
Chrome 86 Starts Blocking Abusive Notification Permission Requests
Google has stepped up its effort against websites that have a history of sending abusive notification content, by blocking notification permission requests in Chrome 86. This is the latest step Google has taken in this direction, after the introduction of the quiet notification permission UI in Chrome 80 and the automatic enrollment in the quiet notification UI for websites that display abusive notification permission requests starting with Chrome 84. Such websites, the Internet search giant explains.
63 billion credential stuffing attacks hit retail, hospitality, travel industries
Akamai published a report detailing criminal activity targeting the retail, travel, and hospitality industries with attacks of all types and sizes between July 2018 and June 2020. The report also includes numerous examples of criminal ads from the darknet illustrating how they cash in on the results from successful attacks and the corresponding data theft. "Criminals are not picky - anything that can be accessed can be used in some way," said Steve Ragan, Akamai security researcher.
DigitalWare Launches Risk Detection and Quantification Platform
Risk is a condition that pre-exists an incident. If you reduce security risk, you will reduce security incidents. Epiphany is a new risk detection and quantification platform that highlights, qualifies and quantifies the risks that occur within the technical structure and users of a network, giving the security team the opportunity to eliminate the risk before an incident. The Epiphany Intelligence Platform from DigitalWare gathers information on the IT infrastructure and its users.
NVIDIA patches high severity GeForce Experience vulnerabilities
NVIDIA released a security update for the Windows NVIDIA GeForce Experience (GFE) app to address vulnerabilities that could enable attackers to execute arbitrary code, escalate privileges, gain access to sensitive info, or trigger a denial of service (DoS) state on systems running unpatched software. NVIDIA GFE is a companion utility for GeForce GTX graphics cards that "keeps your drivers up to date, automatically optimizes your game settings, and gives you the easiest way to share your [...]"
7 Mobile Browsers Vulnerable to Address-Bar Spoofing
Security vendor Rapid7, in collaboration with independent researcher Rafay Baloch, this week disclosed details on new vulnerabilities in seven mobile browsers - including Safari and Opera - that allow attackers to spoof information shown in the browser's address bar. The vulnerabilities are the latest examples of a common security weakness in software where the user interface can be tricked into displaying erroneous information or into making it appear as if the information comes from a trusted source.
Botnet Infects Hundreds of Thousands of Websites
KashmirBlack has been targeting popular content management systems, such as WordPress, Joomla, and Drupal, and using Dropbox and GitHub for communication to hide its presence. A botnet focused on cryptomining, spamming, and defacement has infected hundreds of thousands of websites running popular content management systems (CMSes), such as WordPress, Joomla, Magento, and Drupal, according to online security firm Imperva. The botnet, dubbed KashmirBlack, uses a modular infrastructure.
- ...in 1861, President Abraham Lincoln suspends the writ of habeas corpus in Washington, D.C. for all military-related cases.
- ...in 1929, the first transcontinental air service begins from New York to Los Angeles.
- ...in 1959, musical parodist and accordion virtuoso Alfred "Weird Al" Yankovic ("Eat It," "UHF") is born in Downey, CA.
- ...in 1988, the classic 8-bit video game Super Mario Bros. 3 is released by Nintendo.