IT Security Newsletter - 11/3/2023
Boeing confirms cyberattack, global services disrupted
Boeing confirmed a cyberattack is impacting its global services division, five days after a prolific Russia-affiliated ransomware group claimed responsibility for an attack against the multinational aerospace company. "We are aware of a cyber incident impacting elements of our parts and distribution business," a Boeing spokesperson said via email on Wednesday. "This issue does not affect flight safety." READ MORE...
Russian Reshipping Service 'SWAT USA Drop' Exposed
One of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. Here's a closer look at the Russia-based SWAT USA Drop Service, which currently employs more than 1,200 people across the United States who are knowingly or unwittingly involved in reshipping expensive consumer goods purchased with stolen credit cards. READ MORE...
Microsoft upgrades security for signing keys in wake of Chinese breach
Microsoft announced on Thursday that it will update security protections for signing keys after coming under criticism from policymakers that deficient security controls allowed Chinese hackers to steal an encryption key, an incident that facilitated an espionage campaign targeting senior U.S. officials. To combat hacking campaigns targeting the identity of users, Microsoft said it would move signing keys into a so-called "hardware security module." READ MORE...
BlackCat ransomware claims breach of healthcare giant Henry Schein
The BlackCat (ALPHV) ransomware gang claims it breached the network of healthcare giant Henry Schein and stole dozens of terabytes of data, including payroll data and shareholder information. Henry Schein is a healthcare solutions provider and a Fortune 500 company with operations and affiliates in 32 countries and revenue of over $12 billion in 2022. The company disclosed on October 15 that it was forced to take some systems offline to contain a cyberattack. READ MORE...
Spyware Designed for Telegram Mods Also Targets WhatsApp Add-Ons
Kaspersky researchers have discovered that attackers are distributing spyware that stealthily gathers private data from users of WhatsApp on Android devices, through the same mods earlier discovered for the competing Telegram service. In a bulletin posted on Nov. 2, Kaspersky counted 340,000 attempts at distributing the spyware via the WhatsApp mod. Dmitry Kalinin, a Kaspersky security expert, believes the actual number of attempted attacks is greater. READ MORE...
Should you allow your browser to remember your passwords?
At Malwarebytes we've been telling people for years not to reuse passwords, and that a password manager is a secure way of remembering all the passwords you need for your online accounts. But we also know that a password manager can be overwhelming, especially when you're just getting started. Once you've stored your tens or even hundreds of passwords, a password manager is relatively convenient to use and keep updated. READ MORE...
Cloudflare Dashboard and APIs down after data center power outage
An ongoing Cloudflare outage has taken down many of its products, including the company's dashboard and related application programming interfaces (APIs) customers use to manage and read service configurations. The complete list of services whose functionality is wholly or partially impacted includes the Cloudflare dashboard, the Cloudflare API, Logpush, WARP / Zero Trust device posture, Stream API, Workers API, and the Alert Notification System. READ MORE...
This tiny device is sending updated iPhones into a never-ending DoS loop
One morning two weeks ago, security researcher Jeroen van der Ham was traveling by train in the Netherlands when his iPhone suddenly displayed a series of pop-up windows that made it nearly impossible to use his device. "My phone was getting these popups every few minutes and then my phone would reboot," he wrote to Ars in an online interview. "I tried putting it in lock down mode, but it didn't help." READ MORE...
FTX crypto-villain Sam Bankman-Fried convicted on all charges
Sam Bankman-Fried, the founder and former CEO of crypto exchange FTX and trading firm Alameda Research, has been found guilty of seven criminal charges. FTX was once valued at $32 billion, and Bankman-Fried was fêted as a visionary thanks in part to his willingness to spruik his firm, and crypto, to almost anyone willing to put a microphone in front of his face. FTX also spent lavishly on sponsorships and political donations, building a brand that stood out in the scrappy world of cryptocurrency. READ MORE...
- ...in 1908, Cincinnati-born William Howard Taft is elected as the 27th President of the United States of America.
- ...in 1931, the first commercially produced synthetic rubber manufactured.
- ...in 1952, Clarence Birdseye first markets frozen peas.
- ...in 1957, The Soviet Union launches Sputnik 2. On board is the first animal to enter orbit: a dog named Laika.