<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 10-28-2021

SHARE

Top News

Grief Ransomware Targets NRA

A ransomware group tied to Russia claims to have stolen data from the National Rifle Association (NRA) in a ransomware attack on the controversial gun-rights group, which has declined to comment on the situation. The Grief ransomware gang listed the NRA as a victim of its nefarious activity on its data-leak site. Brett Callow, a threat analyst with cybersecurity firm Emsisoft, posted a screenshot of Grief's post on his Twitter account. READ MORE...

Hacking

German investigators identify REvil ransomware gang core member

German investigators have reportedly identified a Russian man named Nikolay K. whom they believe to be one of REvil ransomware gang's core members, one of the most notorious and successful ransomware groups in recent years. The man is presenting himself as a cryptocurrency investor and trader, but the German authorities who been following him for months think otherwise after tracking some of the Bitcoin payments he made over the years. READ MORE...


'Cyber event' knocks dairy giant Schreiber Foods offline amid industry ransomware outbreak

A "cyber event" knocked plants and distribution centers offline at Schreiber Foods, a multibillion-dollar dairy company, a spokesperson told CyberScoop Wednesday. The incident began affecting operations Friday evening, according Schreiber Foods' Andrew Tobisch. "We began the process of bringing our plants and distribution centers back up late Monday," he said. READ MORE...


Teen Rakes in $2.74M Worth of Bitcoin in Phishing Scam

During the early days of the pandemic, while the rest of the world was stress streaming and working on sourdough starter, an ambitious teen stuck in his bedroom decided to set up a fake "Love2Shop" gift card site to harvest people's payment information, invest the stolen money in cryptocurrency and become a millionaire. The intrepid 17-year-old in the U.K. collected just under $9,000 before the real Love2Shop caught on when customers started to complain. READ MORE...

Malware

Android spyware apps target Israel in three-year-long campaign

A set of seemingly innocuous Android apps have been infecting Israeli users with spyware since 2018, and the campaign continues to this day. The spyware-laden apps were discovered by researchers at Qihoo 360 who found various apps disguised as social applications, Threema, Al-Aqsa Radio, Al-Aqsa Mosque, Jerusalem Guide, PDF viewer, Wire, and other applications. READ MORE...

Exploits/Vulnerabilities

QR Codes Help Attackers Sneak Emails Past Security Controls

Researchers have observed an attacker using a technique they hadn't previously seen to attempt to sneak phishing emails past enterprise security filters. Abnormal Security, which reported the campaign this week, says between Sept. 15 and Oct. 13 it detected and blocked some 200 emails that contained a QR code - instead of the usual malicious attachment or URL link - to try and drive users to a phishing website. READ MORE...


Read Between the Lines: Finding Flaws in EPUB Reading Systems

How secure is your e-reader? A team of security researchers curious to explore e-book security analyzed free EPUB reading applications and physical e-readers and found that many apps don't comply with security recommendations, and some popular applications are vulnerable to exploitation. Their investigation consisted of a large-scale study in which they analyzed 97 free EPUB reading applications across seven platforms, as well as five physical e-readers. READ MORE...


WordPress Plugin Bug Lets Subscribers Wipe Sites

Researchers have discovered a homicidal WordPress plugin that allows subscribers to wipe sites clean of content. The high-severity security flaw is found in Hashthemes Demo Importer, a plugin that's used in more than 8,000 active installations. According to security researchers at Wordfence, the vulnerability allows any authenticated user to completely exsanguinate a vulnerable site, "permanently deleting nearly all database content as well as all uploaded media." READ MORE...

On This Date

  • ...in 1726, Jonathan Swift's satirical fantasy novel "Gulliver's Travels" is published.
  • ...in 1886, The Statue of Liberty (originally named "Liberty Enlightening the World") is dedicated at Liberty Island, NY by President Grover Cleveland.
  • ...in 1942, computer scientist and academic Gillian Lovegrove, an early pioneer and vocal advocate of women in IT-oriented professions, is born in Yorkshire, UK.
  • ...in 1962, Soviet Premier Nikita Khrushchev orders Soviet missiles removed from Cuba, ending the Cuban Missile Crisis.