IT Security Newsletter - 10/25/2019
Ransomware Attack Shuts Down City of Johannesburg's Systems
The City of Johannesburg municipality shut down the website, its e-services platform, and the billing system (SAP ISU and CRM) following a ransomware attack that also led to unauthorized information access according to a ransom note. The City of Johannesburg municipality shut down the website, its e-services platform, and the billing system (SAP ISU and CRM) following a ransomware attack that also led to unauthorized information access according to a ransom note.
Religious Website Data Exposed for Months
Religious website service Clover Sites exposed customer data for at least six to seven months, with the dataset found twice in two separate, insecure cloud databases. Clover offers a content management system for building and managing faith-based websites, with a “Clover Donations” module for accepting money online. According to Jeremiah Fowler at Security Discovery, he found a non-password protected database in May that contained 65,800 detailed records with customer names, billing information, contact data and the last four digits of credit-card numbers.
Joker's Stash, once a forum for credit data, grows as breaches yield more stolen data
If it’s possible to describe a cybercriminal marketplace as “reputable” while maintaining a straight face, then Joker’s Stash fits the description as well as any other. The site has emerged in recent years as a destination for scammers who buy and sell credit card information stolen after data breaches from victims including the Hy-Vee supermarket chain, Sonic Drive-In and others. Now, the site has expanded to include an array of personal information on high-value targets, according to research published Thursday by threat intelligence firm Recorded Future.
Could lighting your home open up your personal information to hackers?
Earlier this year Amazon’s Echo made global headlines when it was reported that consumers’ conversations were recorded and heard by thousands of employees. Now researchers at UTSA have conducted a review of the security holes that exist in popular smart-light brands. According to the analysis, the next prime target could be that smart bulb that shoppers buy this coming holiday season.
Raccoon Malware Scavenges 100,000+ Devices to Steal Data
A new information stealer, dubbed Raccoon, is rapidly gaining popularity with cybercriminals. In just a few months, researchers say the malware has already infected hundreds of thousands of devices across the world to rove through victims’ credit card data, email credentials and more. The malware is not overly sophisticated or innovative, but its malware-as-a-service (MaaS) model gives cybercriminals a quick-and-easy way to make money stealing sensitive data.
Researchers Analyze North Korea-Linked NukeSped RAT
Fortinet security researchers took a deep dive into NukeSped malware samples that share multiple similarities with other malware families used by North Korean threat actors. The remote access Trojan (RAT) is associated with the state-sponsored Lazarus Group, which is tracked by the U.S. government as Hidden Cobra. Last year, security researchers linked several North Korean hacking groups to Lazarus via code reuse and the newly analyzed samples reinforce that connection.