IT Security Newsletter

IT Security Newsletter - 10/31/2022

Written by Cadre | Mon, Oct 31, 2022

Indianapolis Low-Income Housing Agency Hit by Ransomware

The federal agency that provides low-income housing in Indianapolis is facing a ransomware attack that's delayed its ability to send out rent payments to landlords, a top agency official says. All employees of the Indianapolis Housing Agency lost access to their email during the attack, which began weeks ago. That includes its executive director, Marcia Lewis, who lost access to her email for days but regained access to it Tuesday, The Indianapolis Star reported, citing an email she sent the newspaper. READ MORE...

Cranefly Cyberspy Group Spawns Unique ISS Technique

Hacking group Cranefly is using the new technique of using Internet Information Services (IIS) commands to deliver backdoors to targets and carry out intelligence-gathering campaigns. Researchers at Symantec have observed a previously undocumented dropper Trojan called Geppei being used to install backdoors (including Danfuan and Regeorg) and other custom tools on SAN arrays, load balancers, and wireless access point (WAP) controllers that may lack appropriate security tools. READ MORE...

VMware patches vulnerability with 9.8/10 severity rating in Cloud Foundation

Exploit code was released this week for a just-patched vulnerability in VMware Cloud Foundation and NSX Manager appliances that allows hackers with no authentication to execute malicious code with the highest system privileges. VMware patched the vulnerability, tracked as CVE-2021-39144, on Tuesday and issued it a severity rating of 9.8 out of a possible 10. The vulnerability posed so much risk that VMware took the unusual step of patching versions that were no longer supported. READ MORE...

Actively exploited Windows MoTW zero-day gets unofficial patch

A free unofficial patch has been released for an actively exploited zero-day that allows files signed with malformed signatures to bypass Mark-of-the-Web security warnings in Windows 10 and Windows 11. Last weekend, BleepingComputer reported that threat actors were using stand-alone JavaScript files to install the Magniber ransomware on victims' devices. When a user downloads a file from the Internet, Microsoft adds a Mark-of-the-Web flag to the file, causing the operating system to display security warnings. READ MORE...

A Chrome fix for an in-the-wild exploit is out-Check your version

Google has announced an update for Chrome that fixes an in-the-wild exploit. Chrome Stable channel has been updated to 107.0.5304.87 for Mac and Linux, and 107.0.5304.87/.88 for Windows. The vulnerability at hand is described as a type confusion issue in the V8 Javascript engine. If you're a Chrome user on Windows, Mac, or Linux, you should update as soon as possible. Most of the time, the easiest way to update Chrome is to do nothing-it should update itself automatically.. READ MORE...

Apple patches actively exploited iPhone, iPad kernel vulns

Apple has patched an iOS and iPad OS vulnerability that's already been exploited. Crediting an anonymous security researcher with reporting the issue, Apple said the problem involves an out-of-bounds write issue - which involves adding data past the end or before the beginning of a buffer. The impacts can bedata corruption, a crash or the chance to execute arbitrary code with kernel privileges. READ MORE...

This Windows worm evolved into slinging ransomware. Here's how to detect it

Raspberry Robin, a worm that spreads through Windows systems via USB drives, has rapidly evolved: now backdoor access is being sold or offered to infected machines so that ransomware, among other code, can be installed by cybercriminals. In a report on Thursday, Microsoft's Security Threat Intelligence unit said Raspberry Robin is now "part of a complex and interconnected malware ecosystem" with links to other families of malicious code and ties to ransomware infections. READ MORE...

  • ...in 1803, Congress ratifies the purchase of the entire Louisiana area in North America, adding territory to the U.S. which will eventually become 13 more states.
  • ...in 1914, the University of Cincinnati adopts its mascot, the Bearcat, inspired by a nickname given to star UC fullback Leonard Baehr.
  • ...in 1941, After 14 years of work, the Mount Rushmore National Memorial is completed.
  • ...in 1998, Iraq announces it will no longer cooperate with United Nations weapons inspectors.