IT Security Newsletter

IT Security Newsletter - 11/16/2022

Written by Cadre | Wed, Nov 16, 2022

Top Zeus Botnet Suspect "Tank" Arrested in Geneva

Vyacheslav "Tank" Penchukov, the accused 40-year-old Ukrainian leader of a prolific cybercriminal group that stole tens of millions of dollars from small to mid-sized businesses in the United States and Europe, has been arrested in Switzerland, according to multiple sources. Penchukov was named in a 2014 indictment by the U.S. Department of Justice as a top figure in the JabberZeus Crew, a small but potent cybercriminal collective from Ukraine and Russia.

Chinese Cyberespionage Group 'Billbug' Targets Certificate Authority

A Chinese state-sponsored cyberespionage group tracked as Billbug has been observed targeting a certificate authority in Asia, along with other entities, Symantec reports. Also tracked as Lotus Blossom and Thrip, Billbug is an advanced persistent threat (APT) actor that mainly targets entities in Southeast Asia and the United States and is believed to have been active since at least 2009. Since March 2022, the group has been targeting multiple entities in Asia.

North Korean hackers target European orgs with updated malware

North Korean hackers are using a new version of the DTrack backdoor to attack organizations in Europe and Latin America. DTrack is a modular backdoor featuring a keylogger, a screenshot snapper, a browser history retriever, a running processes snooper, an IP address and network connection information snatcher, and more. Apart from spying, it can also run commands to perform file operations, fetch additional payloads, steal files and data, and execute processes on the compromised device.

Wipermania: Malware Remains a Potent Threat, 10 Years Since 'Shamoon'

Destructive wiper malware has evolved very little since the "Shamoon" virus crippled some 30,000 client and server systems at Saudi Aramco more than 10 years ago. Yet it remains as potent a threat as ever to enterprise organizations, according to a new study. Max Kersten, a malware analyst at Trellix, recently analyzed more than 20 wiper families (malware that makes files irrecoverable or destroys whole computer systems) that threat actors deployed in various attacks since the beginning of this year.

High risk, critical vulnerabilities found in 25% of all software applications and systems

The vast majority of applications and systems tested, 95%, have vulnerabilities, according to a report from the Synopsys Software Integrity Group. Across systems, one-fifth had high-risk vulnerabilities and just under 5% were considered critical. Researchers conducted 4,400 tests on 2,700 software targets, including web applications, mobile applications, source code files, and network systems.

Healthcare sector warned of Venus ransomware attacks

Healthcare organisations in the United States are being warned to be on their guard once again, this time against a family of ransomware known as Venus. An advisory from the United States Department of Health and Human Services (HHS) has warned that the cybercriminals behind the Venus ransomware have targeted at least one healthcare entity in the United States, and are known to be targeting publicly exposed Remote Desktop servers.

Researchers break security guarantees of TTE networking used in spacecraft

Wednesday's scheduled launch by NASA of the Artemis I mission will be the first integrated test of the agency's SLS rocket and Orion spacecraft, which have been in development for 16 years and are expected to usher in a new era of space exploration. The uncrewed mission will also be only the second time a network standard known as time-triggered Ethernet has been taken into space, with the first being Orion's orbital test flight in 2014.

Nasty SQL Injection Bug in Zendesk Endangers Sensitive Customer Data

Multiple security vulnerabilities in Zendesk's web-based customer relationship management (CRM) platform could have allowed attackers to access sensitive information from potentially any customer account; the discovery highlights application programming interface (API) endpoint weaknesses in enterprise software-as-a-service (SaaS) applications. Researchers from Varonis Threat Labs discovered the issues in Zendesk Explore, a component of Zendesk's platform, they said in a blog post published Nov. 15.

  • ...in 1914, the Federal Reserve Bank of the United States officially opens.
  • ...in 1916, actor Daws Butler, the voice of Yogi Bear, Huckleberry Hound and dozens of other characters, is born in Toledo, OH.
  • ...in 1952, game designer Shigeru Miyamoto, who created both "Super Mario Bros." and "The Legend of Zelda", is born in Kyoto, Japan.
  • ...in 1973, NASA launches Skylab 4. It was the final and longest manned mission of the Skylab program, lasting over 84 days in orbit.