
IT Security Newsletter - 11/11/2021

Top News

Hacker-for-Hire Group Spied on More Than 3,500 Targets in 18 Months

A Russian-speaking hacker-for-hire group has been quietly spying on thousands of individuals and organizations worldwide and selling highly private information about them to various customers, motivated by financial gain and by politically driven agendas. Researchers from Trend Micro who have been tracking the cyber-mercenary group's activities have called it Void Balaur after a legendary multiheaded creature in Eastern European folklore.

Hacking

FBI warns of Iranian hackers looking to buy US orgs' stolen data

The Federal Bureau of Investigation (FBI) warned private industry partners of attempts by an Iranian threat actor to buy stolen information regarding US and worldwide organizations. The warning came in a private industry notification (PIN) marked as TLP:AMBER, seen by BleepingComputer earlier this week. According to the FBI, the threat actor will likely use the leaked data (e.g., emails and network info) bought from clear and dark web sources to breach the systems of related organizations.


Telnyx is the latest VoIP provider hit with DDoS attacks

Telnyx is the latest VoIP telephony provider targeted with distributed denial-of-service (DDoS) attacks, causing worldwide outages since yesterday. Telnyx is a voice over Internet Protocol (VoIP) company that provides worldwide telephony services over the Internet, including in the Americas, EMEA, APAC, and Australia regions. Starting November 9th at approximately 11 PM EST, Telnyx was targeted with a DDoS attack causing all telephony services to fail or be delayed.

Trends

Gmail accounts are used in 91% of all baiting email attacks

Bait attacks are on the rise, and it appears that actors who distribute this special kind of phishing email prefer to use Gmail accounts to conduct their attacks. According to a report by Barracuda, who surveyed 10,500 organizations, 35% of them received at least one bait attack email in September 2021 alone. A "bait attack" is a sub-class of phishing where threat actors attempt to gather basic information about a specific target and use it for more targeted and effective attacks in the future.

Software Updates

Massive Zero-Day Hole Found in Palo Alto Security Appliances

Researchers have developed a working exploit to gain remote code execution (RCE) via a massive vulnerability in a security appliance from Palo Alto Networks (PAN), potentially leaving 10,000 vulnerable firewalls with their goods exposed to the internet. The critical zero day, tracked as CVE-2021-3064 and scoring a CVSS rating of 9.8 out of 10 for vulnerability severity, is in PAN's GlobalProtect firewall.


VMware Working on Patches for Serious vCenter Server Vulnerability

VMware announced on Wednesday that it's working on patches for a potentially serious privilege escalation vulnerability affecting vCenter Server. The vulnerability is tracked as CVE-2021-22048 and it has been assigned an "important" severity rating, which is equivalent to "high severity" based on its CVSS score of 7.1. "The vCenter Server contains a privilege escalation vulnerability in the IWA (Integrated Windows Authentication) authentication mechanism," VMware said in its advisory.

Information Security

SMS About Bank Fraud as a Pretext for Voice Phishing

Most of us have probably heard the term "smishing" - which is a portmanteau for traditional phishing scams sent through SMS text messages. Smishing messages usually include a link to a site that spoofs a popular bank and tries to siphon personal information. But increasingly, phishers are turning to a hybrid form of smishing - blasting out linkless text messages about suspicious bank transfers as a pretext for immediately calling and scamming anyone who responds via text.

Exploits/Vulnerabilities

Critical Flaw in WordPress Plugin Leads to Database Wipe

A major security vulnerability in the WP Reset PRO WordPress plugin could be exploited by an authenticated user to wipe the entire database of a website, according to a warning from researchers at Patchstack (formerly WebARX). The issue can be exploited by any authenticated user, regardless of their authorization, to wipe all tables in a WordPress installation's database.


Critical Citrix DDoS Bug Shuts Down Network, Cloud App Access

A critical security bug in the Citrix Application Delivery Controller (ADC) and Citrix Gateway could allow cyberattackers to crash entire corporate networks without needing to authenticate. The two affected Citrix products (formerly the NetScaler ADC and Gateway) are used for application-aware traffic management and secure remote access, respectively. The federated working specialist pushed out a security patch on Tuesday for the vulnerability.

On This Date

  • ...in 1918, Germany signs an armistice agreement with the Allies, ending World War I.
  • ...in 1921, the Tomb of the Unknowns is dedicated at Arlington National Cemetery.
  • ...in 1922, writer Kurt Vonnegut, Jr. ("Slaughterhouse-Five", "Cat's Cradle") is born in Indianapolis, IN.
  • ...in 1925, actor/comedian Jonathan Winters ("It's a Mad, Mad, Mad, Mad World", "Mork & Mindy") is born in Bellbrook, Ohio.