<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 10/24/22

SHARE

Hacking

Iranian hackers that tampered with 2020 election could once again target U.S., FBI warns

An Iranian hacking group accused of attempting to interfere in the 2020 presidential election, and attacking an unnamed U.S. organization in early 2022, could once again be looking to infiltrate American targets, the FBI warned in a notice late Thursday. The group identified as Emennet Pasargad has been using "false-flag campaigns under the guise of multiple personas" to target Israeli organizations in recent years and carry out hack-and-leak operations, the bureau said. READ MORE...

Malware

US Healthcare Organizations Warned of 'Daixin Team' Ransomware Attacks

The US Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) have issued a joint alert on a new cybercrime group targeting organizations in the healthcare sector. Called Daixin Team, the threat actor has been active since at least June 2022, targeting organizations in the US with ransomware based on leaked Babuk source code, and also engaging in data theft and extortion. READ MORE...


Researchers uncover more than 167,000 stolen credit card numbers, primarily from the U.S.

Cybercriminals used a pair of point-of-sale malware variants to steal more than 167,000 payment records from 212 infected devices mostly in the U.S., according to researchers with Group-IB. It's not clear who is behind the attack or whether they sold or used the pilfered card data. But researchers estimate the information could be worth more than $3.3 million, highlighting how malware designed to steal information from credit card payment terminals remains a troubling concern. READ MORE...

Information Security

White House plans IoT security labeling program for spring 2023

Major connected device manufacturers, retailers and industry groups back efforts to boost cyber awareness. The White House confirmed plans to launch a cybersecurity consumer labeling program for Internet of Things devices by the spring of 2023, following a Wednesday summit with some of the nation's top device makers, retailers and industry associations. READ MORE...

Exploits/Vulnerabilities

Critical Flaws in Abode Home Security Kit Allow Hackers to Hijack, Disable Cameras

Abode Systems has resolved multiple severe vulnerabilities in its home security kit, including critical issues that could allow attackers to execute commands with root privileges. An American company, Abode Systems sells smart DIY home security systems and cameras that include motion sensors to detect intrusions or unwanted movements. Users can arm or disarm the system using an app or a keyfob. READ MORE...


List of Common Passwords Accounts for Nearly All Cyberattacks

Half of a million passwords from the RockYou2021 list account for 99.997% of all credential attacks against a variety of honeypots, suggesting attackers are just taking the easy road. Tens of millions of credential-based attacks targeting two common types of servers boiled down to a small fraction of the passwords that formed a list of leaked credentials, known as the RockYou2021 list. s. READ MORE...

On This Date

  • ...in 1861, Western Union completes the first transcontinental telegraph line.
  • ...in 1929, "Black Thursday" -- the largest sell-off of shares in stock market history -- signals the beginning of the Great Depression.
  • ...in 1938, The Fair Labor Standards Act becomes law, establishing the 40-hour work week.
  • ...in 2003, the Concorde makes its final commercial flight.