IT Security Newsletter - 10/4/2024
DOJ, Microsoft seize more than 100 domains used by the FSB
Microsoft and the U.S. Department of Justice on Thursday announced the seizure of more than 100 domains used by a Russian-backed hacking unit to target more than two dozen civil society organizations between January 2023 and August 2024. Microsoft's Digital Crimes Unit filed a lawsuit with the NGO Information Sharing and Analysis Center (NGO-ISAC) to seize 66 unique domains used by a hacking group Microsoft tracks as Star Blizzard but which [has been] attributed to the Russian FSB. READ MORE...
Former Mesa County clerk sentenced to 9 years for 2020 voting system breach
Tina Peters, a former county clerk for Mesa County, Colo., was sentenced to nine years in prison after being convicted earlier this year on seven felony counts for facilitating a data breach involving voting system data in the wake of the 2020 presidential election. The incident is widely viewed as one of the most serious breaches of election systems in modern history, illustrating how false election fraud claims fueled by then-President Donald Trump led allies to cross serious legal boundaries. READ MORE...
Over 4,000 Adobe Commerce, Magento shops hacked in CosmicSting attacks
Adobe Commerce and Magento online stores are being targeted in "CosmicSting" attacks at an alarming rate, with threat actors hacking approximately 5% of all stores. The CosmicSting vulnerability (CVE-2024-34102) is a critical-severity information disclosure flaw; when chained with CVE-2024-2961, a security issue in glibc's iconv function, an attacker can achieve remote code execution on the target server. READ MORE...
Separating the bee from the panda: CeranaKeeper making a beeline for Thailand
ESET researchers observed several campaigns targeting governmental institutions in Thailand, starting in 2023. These attacks leveraged revamped versions of components previously attributed by other researchers to the China-aligned advanced persistent threat (APT) group Mustang Panda, and later, a new set of tools that abuse service providers such as Pastebin, Dropbox, OneDrive, and GitHub to execute commands on compromised computers and exfiltrate sensitive documents. READ MORE...
October 2024 Patch Tuesday forecast: Recall can be recalled
October arrived, and Microsoft started the month by announcing the release of Windows 11 24H2. The preview versions of this release have been in the news due to many innovations and one controversial feature. This OS was released in May for Microsoft's new Copilot+ PCs, powered by a neural processing unit (NPU), and several features are unique to that platform. Now available for systems that meet the hardware requirements, it includes many new security features. READ MORE...
Apple fixes bug that let VoiceOver shout your passwords
Apple just fixed a duo of security bugs in iOS 18.0.1 and iPadOS 18.0.1, one of which might cause users' saved passwords to be read aloud. It's hardly an ideal situation for the visually impaired. For those who rely on the accessibility features baked into their iGadgets, namely Apple's VoiceOver screen reader, now is a good time to apply the latest update. In typical Apple fashion, the company hasn't released much in the way of details about the first security issue. READ MORE...
Near-'perfctl' Fileless Malware Targets Millions of Linux Servers
A multipurpose and mysterious malware dropper has been terrorizing Linux servers worldwide for years, infecting untold thousands of victims with cryptomining and proxyjacking malware. A fresh analysis has exposed its secrets - and a vast treasure trove of tens of thousands of exploit paths for compromising its targets. It's been some time now that individuals have been reporting cases of "perfctl" (aka perfcc) eating up all their compute power. READ MORE...
United Airlines leaned on real-time data to recover from the CrowdStrike outage
United Airlines wasn't thinking about software updates, threat detection or IT outages when it prioritized real-time data capabilities in its technology strategy. CIO Jason Birnbaum had customer experience enhancements and operational efficiencies top of mind. "Our customers wanted and craved information," said Birnbaum. "We needed better ways to deliver it faster and with more accuracy in a language that they understood - not just airline jargon." READ MORE...
Why trolls, extremists, and others spread conspiracy theories they don't believe
There has been a lot of research on the types of people who believe conspiracy theories, and their reasons for doing so. But there's a wrinkle: My colleagues and I have found that there are a number of people sharing conspiracies online who don't believe their own content. They are opportunists. These people share conspiracy theories to promote conflict, cause chaos, recruit and radicalize potential followers, make money, harass, or even just to get attention. READ MORE...
- ...in 1927, sculptor Gutzon Borglum begins carving the heads of four US presidents on Mount Rushmore.
- ...in 1957, Sputnik I is launched, making it the first artificial satellite to orbit the Earth.
- ...in 1965, Pope Paul VI arrives in New York, the first Catholic pontiff ever to visit the United States and the Western hemisphere.
- ...in 2004, SpaceShipOne wins the Ansari X Prize, by being the first privately-funded craft to fly into space.