<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter

Get the latest headlines, summaries, and security news!

IT Security Newsletter - 11/12/2021

Breaches

Booking[.]com was reportedly hacked by a US intel agency but never told customers

A hacker working for a US intelligence agency breached the servers of Booking[.]com in 2016 and stole user data related to the Middle East, according to a book published on Thursday. The book also says the online travel agency opted to keep the incident secret. Amsterdam-based Booking[.]com made the decision after calling in the Dutch intelligence service, known as AIVD, to investigate the data breach. On the advice of legal counsel, the company didn't notify affected customers or the Dutch authorities. READ MORE...

Hacking

Russian 'King of Fraud' sentenced to 10 years for Methbot scheme

The U.S. Department of Justice (DOJ) sentenced a Russian man for operating a large-scale digital advertising fraud scheme called 'Methbot' that stole at least $7 million from American companies. Aleksandr Zhukov, aka the "King of Fraud," was sentenced to 10 years of imprisonment in the U.S. and ordered to forfeit the total sum of his assets, amounting to $3,827,493. READ MORE...


Hackers undetected on Queensland water supplier server for 9 months

Hackers stayed hidden for nine months on a server holding customer information for a Queensland water supplier, illustrating the need of better cyberdefenses for critical infrastructure. SunWater is Australian government-owned water supplier responsible for operating 19 major dams, 80 pumping stations, and 1,600 miles long pipelines. According to the annual financial audit report that was published by the Queensland Audit Office yesterday, SunWater was breached for nine months. READ MORE...


'Lyceum' Threat Group Broadens Focus to ISPs

"Lyceum," an advanced persistent threat actor associated with numerous attacks on telecom organizations and oil and natural gas companies in the Middle East since 2017, has recently begun targeting Internet service providers (ISPs) and government organizations. The increased focus on ISPs appears to be part of the group's effort to compromise organizations in order to gain access to a broad set of customers and subscribers, according to a new report this week from Accenture and Prevailion on Lyceum's activities. READ MORE...

Software Updates

Zero-day bug in all Windows versions gets free unofficial patch

A free and unofficial patch is now available for a zero-day local privilege escalation vulnerability in the Windows User Profile Service that lets attackers gain SYSTEM privileges under certain conditions. The bug, tracked as CVE-2021-34484, was incompletely patched by Microsoft during the August Patch Tuesday. The company only addressed the impact of the proof-of-concept (PoC) provided by security researcher Abdelhamid Naceri who reported the issue. READ MORE...

Malware

Millions of Routers, IoT Devices at Risk from New Open-Source Malware

Newly surfaced malware that is difficult to detect and written in Google's open-source programming language has the potential to exploit millions of routers and IoT devices, researchers have found. Discovered by researchers at AT&T AlienLabs, BotenaGo can exploit more than 30 different vulnerabilities to attack a target, Ofer Caspi, a security researcher at Alien Labs, wrote in a blog post published Thursday. READ MORE...

Exploits/Vulnerabilities

macOS Zero-Day Exploited to Deliver Malware to Users in Hong Kong

Google on Thursday shared details about a recent attack that exploited a zero-day vulnerability in macOS to deliver malware to users in Hong Kong. According to Google, the attack, discovered in late August, was likely conducted by a well-resourced state-sponsored threat group which, based on the quality of their code, had access to their own software engineering team. READ MORE...


AMD reveals an EPYC 50 flaws - 23 of them rated High severity. Intel has 25 problems, too

Microsoft may have given us a mere 55 CVEs to worry about on November's Patch Tuesday, but AMD and Intel have topped that number with fixes for their products. AMD alone dropped 50 new CVEs on Thursday, 23 of them rated of "High" concern, meaning they're rated at between 7.0 and 8.9 on the Common Vulnerability Scoring System. Let's start with the 27 flaws in the AMD Graphics Driver for Windows 10 - 18 of them rated High. READ MORE...


Back-to-Back PlayStation 5 Hacks Hit on the Same Day

A pair of PlayStation 5 breaches shows the consoles don't have protection from attackers taking over its most basic functions. Both exploits were posted on Twitter on Nov. 7 without disclosure to Sony or specifics, but they nonetheless signal potential security problems to come for the gaming giant. FailOverFlow, which has already earned a reputation as a prolific PlayStation jailbreaker group, posted a Nov. 7 tweet which appeared to contain the PS5 firmware symmetric root keys: READ MORE...

On This Date

  • ...in 1954, Ellis Island closes after processing more than 12,000,000 immigrants to the United States.
  • ...in 1961, gymnast and five-time Olympic medalist Nadia Comaneci, the first competitor to be awarded a perfect score of 10.0, is born in Onesti, Romania.
  • ...in 1980, the space probe Voyager I makes its closest approach to Saturn and takes the first images of its rings.
  • ...in 1990, English computer scientist Tim Berners-Lee publishes a formal proposal for the World Wide Web.