IT Security Newsletter

IT Security Newsletter - 10/30/2024

Written by Cadre | Wed, Oct 30, 2024

Italian Politicians Express Alarm at Latest Data Breach Allegedly Affecting 800,000 Citizens

Italian politicians called Monday for better protection of citizens' online data following a probe into a hacking scheme that allegedly breached law enforcement, tax authority and other sensitive public data. According to prosecutors in Milan, the data of at least 800,000 Italians was compromised in breaches dating from 2022 by a private investigative agency that compiled dossiers for a fee on top Italian business and political figures. READ MORE...

Fired Disney staffer accused of hacking menu to add profanity, wingdings, while removing allergen info

A disgruntled ex-Disney employee has been arrested and charged with hacking his former employer's systems to alter restaurant menus with potentially deadly consequences. Michael Scheuer was charged [PDF] and arrested last week for allegedly violating the Computer Fraud and Abuse Act on three occasions by breaking into a former employer's systems. Disney is not named in the complaint, but The Register has been told they are the company in question, and Scheuer's former employer. READ MORE...

Hackers find 15,000 credentials by scanning for git configuration

More than 15,000 stolen cloud service credentials were discovered in an open Amazon Web Services bucket by the cybersecurity firm Sysdig. In a report released Wednesday, Sysdig researchers revealed that a global operation called EMERALDWHALE stole credentials belonging to cloud service and email providers, as well as other services, by targeting exposed git configurations. READ MORE...

Russian hackers deliver malicious RDP configuration files to thousands

Midnight Blizzard - a cyber espionage group that has been linked to the Russian Foreign Intelligence Service (SVR) - is targeting government, academia, defense, and NGO workers with phishing emails containing a signed Remote Desktop Protocol (RDP) configuration file. "Based on our investigation of previous Midnight Blizzard spear-phishing campaigns, we assess that the goal of this operation is likely intelligence collection," Microsoft's threat analysts say. READ MORE...

New Windows Themes zero-day gets free, unofficial patches

Free unofficial patches are now available for a new Windows Themes zero-day vulnerability that allows attackers to steal a target's NTLM credentials remotely. NTLM has been extensively exploited in NTLM relay attacks, where threat actors force vulnerable network devices to authenticate against servers under their control, and pass-the-hash attacks, where they exploit system vulnerabilities or deploy malicious software to acquire NTLM hashes (which are hashed passwords) from targeted systems. READ MORE...

QNAP fixes NAS backup software zero-day exploited at Pwn2Own

QNAP has fixed a critical zero-day vulnerability exploited by security researchers on Thursday to hack a TS-464 NAS device during the Pwn2Own Ireland 2024 competition. Tracked as CVE-2024-50388, the security flaw is caused by an OS command injection weakness in HBS 3 Hybrid Backup Sync version 25.1.x, the company's disaster recovery and data backup solution. READ MORE...

Patch now! New Chrome update for two critical vulnerabilities

Google has released an update for its Chrome browser which includes patches for two critical vulnerabilities. The update brings the Stable channel to versions 130.0.6723.91/.92 for Windows and Mac and 130.0.6723.91 for Linux. The easiest way to update Chrome is to allow it to update automatically, but you can end up lagging behind if you never close your browser or if something goes wrong-such as an extension stopping you from updating the browser. READ MORE...

Recent Version of LightSpy iOS Malware Packs Destructive Capabilities

A recent iOS-targeting version of the LightSpy malware includes over a dozen new plugins, many with destructive capabilities, according to cybersecurity firm ThreatFabric. The LightSpy malware came to light in 2020, after it was observed targeting the iPhones of users in Hong Kong. Threat actors had been attempting to take over devices and steal data using the malware. READ MORE...

'CrossBarking' Attack Targets Secret APIs, Exposes Opera Browser Users

Researchers have uncovered a fresh browser attack that compromises "private" application programming interfaces (APIs) in Opera to allow carte blanche over victims' browsers. Browser APIs provide a bridge between Web applications and browser functionalities - including those related to security, storage, performance optimization, geolocation, and more - enabling the websites you visit to provide better, more robust features and experiences. READ MORE...

  • ...in 1838, Oberlin Collegiate Institute in Lorain County, Ohio becomes the first college in the U.S. to admit female students.
  • ...in 1938, H.G. Wells' War of the Worlds is broadcast over the radio by Orson Welles' Mercury Theatre.
  • ...in 1961, The USSR detonates "Tsar Bomba," a 50-megaton hydrogen bomb; it is still the largest explosive device of any kind over detonated.
  • ...in 1991, BET Holdings Inc., becomes the first African-American owned company listed on the New York Stock Exchange.