
IT Security Newsletter - 11/15/2022

Top News

How North Korea became a mastermind of crypto cybercrime

Created by a Vietnamese gaming studio, Axie Infinity offers players the chance to breed, trade, and fight Pokémon-like cartoon monsters to earn cryptocurrencies including the game's own "Smooth Love Potion" digital token. At one stage, it had more than a million active players. But earlier this year, the network of blockchains that underpin the game's virtual world was raided by a North Korean hacking syndicate, which made off with roughly $620 million in the ether cryptocurrency. READ MORE...

Breaches

Canadian Supermarket Chain Sobeys Hit by Ransomware Attack

Canadian supermarket and pharmacy chain Sobeys is recovering from a cyberattack that might have involved the Black Basta ransomware. Sobeys is the second largest supermarket chain in Canada and a wholly-owned subsidiary of Empire Company Limited, which operates more than 1,500 stores across the country, under brands such as Foodland, IGA, Lawtons, Needs, Safeway, and more. READ MORE...

Hacking

Chinese hackers target government agencies and defense orgs

A cyberespionage threat actor tracked as Billbug (a.k.a. Thrip, Lotus Blossom, Spring Dragon) has been running a campaign targeting a certificate authority, government agencies, and defense organizations in several countries in Asia. The most recent attacks have been observed since at least March, but the actor has been operating stealthily for more than a decade and is believed to be a state-sponsored group working for China. READ MORE...


42,000 sites used to trap users in brand impersonation scheme

A malicious for-profit group named 'Fangxiao' has created a massive network of over 42,000 web domains that impersonate well-known brands to redirect users to sites promoting adware apps, dating sites, or 'free' giveaways. The imposter domains are used as part of what appears to be a massive traffic generation scheme that creates ad revenue for Fangxiao's own sites or more visitors for 'customers' who purchase traffic from the group. READ MORE...

Malware

Researchers Sound Alarm on Dangerous BatLoader Malware Dropper

A dangerous new malware loader with features for determining whether it's on a business system or a personal computer has begun rapidly infecting systems worldwide over the past few months. Researchers at VMware Carbon Black are tracking the threat, dubbed BatLoader, and say its operators are using the dropper to distribute a variety of malware tools including a banking Trojan, an information stealer, and the Cobalt Strike post-exploit toolkit on victim systems. READ MORE...


Russia-based Pushwoosh tricks US Army and others into running its code - for a while

US government agencies including the Army and Centers for Disease Control and Prevention pulled apps running Pushwoosh code after learning the software company - which presents itself as American - is actually Russian, according to Reuters. Pushwoosh is a software company that provides code and data analysis for developers so they can automate custom push notifications based on smartphone users' online activity. READ MORE...

Information Security

CISA wants to change how organizations prioritize vulnerabilities

Vulnerability management is a whac-a-mole pursuit for many organizations, but federal authorities are trying to change that. The Cybersecurity and Infrastructure Security Agency on Thursday released its guide for Stakeholder-Specific Vulnerability Categorization and outlined three areas of focus for continued improvement. The vulnerability-patch cycle places a heavy burden on cybersecurity professionals, and many organizations struggle to identify and patch the vulnerabilities that are most critical. READ MORE...


"Gucci Master" business email scammer Hushpuppi gets 11 years

He was sentenced under his real-life name of Ramon, but back in his boastful days of pretending to be a seriously successful real estate agent based in Dubai, you may have seen and heard of him as Ray, or, to give him his full nickname, Ray Hushpuppi. To be clear, Ramon Olorunwa Abbas wasn't pretending to have lots of money, but he was pretending to have acquired his money by legitimate means. READ MORE...

Exploits/Vulnerabilities

Critical vulnerability in Spotify's Backstage discovered, patched

A critical unauthenticated remote code execution vulnerability in Spotify's Backstage project has been found and fixed, and developers are advised to take immediate action in their environments. With more than 19,000 stars on GitHub, Backstage is one of the most popular open-source platforms for building developer portals and is in widespread use by Spotify, American Airlines, Netflix, Splunk, Fidelity Investments, Epic Games, Palo Alto Networks and many others. READ MORE...

On This Date

  • ...in 1916, "Peanuts" animator Jose "Bill" Melendez, who also voiced Snoopy and Woodstock, is born in Sonora, Mexico.
  • ...in 1926, the NBC radio network opens across 24 stations nationwide.
  • ...in 1929, actor Ed Asner ("The Mary Tyler Moore Show", "Elf") is born in Kansas City, MO.
  • ...in 1971, Intel releases the first commercially-available single-chip microprocessor, the 4004.