IT Security Newsletter

IT Security Newsletter - 10/25/2021

Written by Cadre | Mon, Oct 25, 2021

FBI, others crush REvil using ransomware gang's favorite tactic against it

Four days ago, the REvil ransomware gang's leak site, known as the "Happy Blog," went offline. Cybersecurity experts wondered aloud what might have caused the infamous group to go dark once more. One theory was that it was an inside job pulled by the group's disaffected former leader. Another was that law enforcement had successfully hacked and dismantled the group. READ MORE...

Facebook Sues Ukrainian for Scraping, Selling Data of 178 Million Users

Facebook last week filed a lawsuit against a Ukrainian national who allegedly scraped the information of 178 million of its users and then sold the obtained information on hacker forums. The defendant is Alexander Alexandrovich Solonchenko, whom Facebook says used the online monikers "Solomame" and "barak_obama" on the RaidForums hacker forum, where he allegedly sold illegally obtained information. READ MORE...

SolarWinds hackers are going after cloud, managed and IT service providers

Nobelium, the advanced, persistent threat (APT) actor behind the 2020 SolarWinds supply chain attack that served as a springboard for breaching a variety of high-level targets, is targeting organizations via their various service providers. "Nobelium has been attempting to replicate the approach it has used in past attacks by targeting organizations integral to the global IT supply chain," says Tom Burt, Corporate VP, Customer Security & Trust, Microsoft. READ MORE...

FIN7 Lures Unwitting Security Pros to Carry Out Ransomware Attacks

The financially motivated cybercrime gang behind the Carbanak backdoor malware, FIN7, has hit upon a genius idea for maximizing profit from ransomware: Hire real pen-testers to do some of their dirty work instead of striking partnerships with other criminals. According to a report from Gemini Advisory, the group has set up a fake security company (called "Bastion Secure") and is looking to hire security pros under the guise of needing red-teaming expertise for its clients. READ MORE...

'TodayZoo' Phishing Kit Cobbled Together From Other Malware

A phishing operation has cut and pasted components of at least five other phishing kits to create its own attack platform, sending out password-reset and fax-and-scanner notifications in significant campaigns earlier this year, according to researchers with the Microsoft 365 Defender Threat Intelligence Team. The TodayZoo kit, as Microsoft dubbed the framework, appears to extensively use code from several other phishing kits. READ MORE...

'Critical Severity' Warning for Malware Embedded in Popular JavaScript Library

Security responders are scrambling this weekend to assess the damage from crypto-mining malware embedded in an npm package (JavaScript library) that counts close to 8 million downloads per week. The hack, which raised eyebrows because of the software supply chain implications, prompted a "critical severity" warning from GitHub that any computer with the embedded npm package "should be considered fully compromised." READ MORE...

CISA urges admins to patch critical Discourse code execution bug

A critical Discourse remote code execution (RCE) vulnerability tracked as CVE-2021-41163 was fixed via an urgent update by the developer on Friday. Discourse is an open-source forum, long-form chat, and mailing list management platform widely deployed on the web, offering excellent usability and integration potential while focusing heavily on social features. READ MORE...

Cisco SD-WAN Security Bug Allows Root Code Execution

Cisco SD-WAN implementations are vulnerable to a high-severity privilege-escalation vulnerability in the IOS IE operating system that could lead to arbitrary code execution. Cisco's SD-WAN portfolio allows businesses of all sizes to connect disparate office locations via the cloud using various networking technologies, including standard internet connections. READ MORE...

  • ...in 1881, artist and co-founder of the Cubist movement Pablo Picasso is born in Malaga, Spain.
  • ...in 1957, voice actress Nancy Cartwright, best known for playing Bart Simpson and other characters on "The Simpsons", is born in Dayton, OH.
  • ...in 1960, Martin Luther King, Jr. is sentenced to four months in jail for participating in a sit-in at a segregated lunch counter.
  • ...in 2001, Microsoft releases Windows XP.