IT Security Newsletter - 10/4/2021
Transnational fraud ring stole millions from Army members, veterans
Fredrick Brown, a former U.S. Army contractor, was sentenced today to 151 months in prison after admitting to his role in a conspiracy that targeted thousands of U.S. service members and veterans and caused millions of dollars in losses. Brown was one of five fraudsters charged with carrying out an identify-theft and fraud scheme that targeted "service members (active duty, reserve component, and National Guard) and veterans, their dependents, and civilians employed by the Department of Defense." READ MORE...
Hackers rob thousands of Coinbase customers using MFA flaw
Crypto exchange Coinbase disclosed that a threat actor stole cryptocurrency from 6,000 customers after using a vulnerability to bypass the company's SMS multi-factor authentication security feature. Coinbase is the world's second-largest cryptocurrency exchange, with approximately 68 million users from over 100 countries. Coinbase explains that between March and May 20th, 2021, a threat actor conducted a hacking campaign to breach Coinbase customer accounts and steal cryptocurrency. READ MORE...
Suit Blames Baby's Death on Cyberattack at Alabama Hospital
An Alabama woman whose 9-month-old daughter died has filed suit against the hospital where she was born claiming it did not disclose that its computer systems had been crippled by a cyberattack, which resulted in diminished care that resulted in the baby's death. Springhill Medical Center was deep in the midst of a ransomware attack when Nicko Silar was born July 17, 2019, and the resulting failure of electronic devices meant a doctor could not properly monitor the child's condition during delivery. READ MORE...
Pottawatomie County Fixing Systems After Ransomware Attack
Computer systems are being restored in Pottawatomie County are after hackers launched a ransomware attack on Sept. 17, county officials said Friday. The county resolved the attack by paying less than 10% of the hackers' original demands, County Administrator Chad Kinsley said in a statement. The eastern Kansas county did not disclose the amount it paid, WIBW-TV reported. READ MORE...
Flubot Malware Targets Androids With Fake Security Updates
The Flubot banking trojan is using a fake security warning to try to trick Android users into thinking that they've already been infected … with Flubot. It's a lie, but it will become a reality if recipients of the text message fall for it and click on the "install security update" button. "Android has detected that your device has been infected," the message reads, along with instructions on how to install a security update that will purportedly scrub off the malware. READ MORE...
Why Windows Print Spooler Remains a Big Attack Target
When a team of hackers believed to be from the US and Israel deployed the Stuxnet worm in 2010 to sabotage centrifuges at an Iranian uranium-enrichment facility in Natanz, one critical vulnerability they exploited in the attack was a flaw in Windows Print Spooler. More than a decade after the incident, the Microsoft printer services technology remains a popular target for attackers seeking to gain highly privileged access on enterprise networks. READ MORE...
- ...in 1927, sculptor Gutzon Borglum begins carving the heads of four US presidents on Mount Rushmore.
- ...in 1957, Sputnik I is launched, making it the first artificial satellite to orbit the Earth.
- ...in 1965, Pope Paul VI arrives in New York, the first Catholic pontiff ever to visit the United States and the Western hemisphere.
- ...in 2004, SpaceShipOne wins the Ansari X Prize, by being the first privately-funded craft to fly into space.