IT Security Newsletter

IT Security Newsletter - 11/04/2020

Written by Cadre | Wed, Nov 4, 2020

Folksam data breach leaks info of 1M Swedes to Google, Facebook, more

Folksam, one of the largest insurance companies in Sweden, today disclosed a data breach affecting around 1 million Swedes after sharing customers' personal info with multiple technology giants. The insurer discovered the data breach after an internal audit according to Jens Wikström, Head of Marketing and Sales at Folksam, and reported the incident to the Swedish Data Protection Authority (Datainspektionen). "The companies that have received personal data from Folksam are, for example, Facebook [...]" READ MORE...

Blackbaud sued in 23 class action lawsuits after ransomware attack

Leading cloud software provider Blackbaud has been sued in 23 proposed consumer class action cases in the U.S. and Canada related to the ransomware attack that the company suffered in May 2020. Blackbaud has operations in countries around the world including the United States, the United Kingdom, Australia, and Canada. The ransomware attack directly responsible for the software provider being sued was disclosed by the company on July 16, 2020. READ MORE...

Leading toy maker Mattel hit by ransomware

Toy industry giant Mattel disclosed that they suffered a ransomware attack in July that impacted some of its business functions but did not lead to data theft. Mattel is the second-largest toymaker in the world with 24,000 employees and $5.7 billion in revenue for 2019. Mattel is known for its popular brands, including Barbie, Hot Wheels, Fisher-Price, American Girl, and Thomas & Friends. In a 10-Q form filed with the Securities and Exchange Commission (SEC), Mattel disclosed that it suffered a ransomware attack on July 28th, 2020. READ MORE...

Media Comms Giant Says Ransomware Hit Will Cost Millions

Media communications giant Isentia is reporting that its coffers will be emptied of as much as $6 million ($8.5 million AUS) in the wake of a ransomware attack last week. The company is a media-intelligence and data-analytics firm headquartered in Australia, with a presence throughout Southeast Asia. It's known for its Mediaportal platform, which aggregates news about customers' brands and is used by public relations and marketing teams globally. READ MORE...

REvil Ransomware Operator Bids for KPot Stealer Source Code

The source code for the KPot information stealer was put up for auction, with the REvil ransomware operators apparently being the sole bidders, threat intelligence provider Cyjax reports. Initially spotted in 2018 and offered as a Malware-as-a-Service (MaaS), KPot was designed to steal account information, as well as other types of data from browsers (e.g. cookies and autofill forms), messaging and email applications, and other software, including VPNs, RDP and FTP tools, cryptocurrency apps. READ MORE...

How to deal with the escalating phishing threat

In today's world, most external cyberattacks start with phishing. For attackers, it's almost a no-brainer: phishing is cheap and humans are fallible, even after going through anti-phishing training. Patrick Harr, CEO at SlashNext, says that while security awareness training is an important aspect of a multi-layered defense strategy, simulating attacks during computer-based training sessions is not an effective way to learn, because people don't necessarily retain the information. READ MORE...

Police to Livestream Ring Camera Footage of Mississippi Residents

Police in Mississippi are testing a program in which they can livestream video from Ring cameras installed at private homes and businesses. The move is sounding an alarm bell with the American Civil Liberties Union (ACLU) and other privacy advocates who have long disapproved of the Amazon-owned company's alliance with law enforcement. The program in Jackson, Miss., to use the Ring door cameras as part of surveillance efforts, is being touted as a new way to help police fight rising crime. READ MORE...

SaltStack reveals new critical vulnerabilities, patch now

SaltStack, a VMware-owned company, has revealed critical vulnerabilities impacting Salt versions 3002 and prior, with patches available as of today. Salt is an open-source IT infrastructure management solution written in Python that is widely used by data centers around the world. Users are therefore encouraged to patch their Salt instances immediately. From shell injection to authentication bypass: The three vulnerabilities disclosed today are as follows, with their severity mentioned in the respective parentheses. READ MORE...

New RegretLocker ransomware targets Windows virtual machines

A new ransomware called RegretLocker uses a variety of advanced features that allows it to encrypt virtual hard drives and close open files for encryption. RegretLocker was discovered in October and is a simple ransomware in terms of appearance as it does not contain a long-winded ransom note and uses email for communication rather than a Tor payment site. When encrypting files, it will append the innocuous-sounding .mouse extension to encrypted file names. READ MORE...

  • ...in 1916, American broadcast journalist Walter Cronkite, known as "the most trusted man in America", is born in Saint Joseph, MO.
  • ...in 1922, archaeologist Howard Carter's expedition finds the entrance to the tomb of of the Egyptian pharaoh Tutankhamun.
  • ...in 1979, the Iran hostage crisis begins when supporters of the Ayatollah Khomeini overrun the US embassy in Tehran, taking more than 90 hostages.
  • ...in 2010, former Cincinnati Reds manager George "Sparky" Anderson, who led the team to two consecutive championships in 1975 and 1976, passes away at his home.