IT Security Newsletter - 11/17/2023
U.S. officials urge more information sharing on prolific cybercrime group
U.S. government officials are struggling to determine the full scope of hacking activity carried out by an aggressive group that has rocketed to public prominence after breaching two Las Vegas resort operators, U.S. law enforcement and cybersecurity officials said during a briefing with reporters Thursday. Senior FBI officials declined to share details on the status of their investigation targeting a group known as Scattered Spider. READ MORE...
Toyota confirms breach after Medusa ransomware threatens to leak data
Toyota Financial Services (TFS) has confirmed that it detected unauthorized access on some of its systems in Europe and Africa after Medusa ransomware claimed an attack on the company. Toyota Financial Services, a subsidiary of Toyota Motor Corporation, is a global entity with a presence in 90% of the markets where Toyota sells its cars, providing auto financing to its customers. READ MORE...
British Library: Ongoing outage caused by ransomware attack
The British Library confirmed that a ransomware attack is behind a major outage that is still affecting services across several locations. Over 11 million visitors use the library's website annually, with more than 16,000 people using its collections daily (onsite and online). Its collection includes over 150 million items archived on 625 kilometers of shelves. Annually, roughly 3 million new items are added to the collection. READ MORE...
Ransomware group reports victim it breached to SEC regulators
One of the world's most active ransomware groups has taken an unusual, if not unprecedented, tactic to pressure one of its victims to pay up: reporting the victim to the US Securities and Exchange Commission. The pressure tactic came to light in a post published on Wednesday on the dark web site run by AlphV, a ransomware crime syndicate that's been in operation for two years. READ MORE...
Massive cryptomining rig discovered under Polish court's floor, stealing power
Police were called to dismantle a secret cryptomining rig winding throughout the floors and ventilation ducts of a Polish court in September, according to Polish news channel TVN24. Several secured computers were discovered, potentially stealing thousands of Polish Zlotys worth of energy per month (the equivalent of roughly $250 per 1,000 Zlotys). It's currently unknown how long the rig was running because the illegal operation went undetected. READ MORE...
AI disinformation campaigns pose major threat to 2024 elections
AI, post-quantum cryptography, zero trust, cryptography research, and election security will shape cybersecurity strategies in the present and for 2024, according to NTT. As the world emerged from the pandemic and continued to adapt to the rapid implementation of digital transformation, businesses witnessed the rise of sophisticated ransomware attacks, state-sponsored cyber espionage and the constant need to secure the ever-expanding IoT. READ MORE...
Zimbra Zero-Day Exploited to Hack Government Emails
Google's Threat Analysis Group (TAG) revealed on Thursday that a Zimbra Collaboration Suite zero-day was exploited earlier this year to steal email data from government organizations in several countries. The existence of the vulnerability, tracked as CVE-2023-37580, became public in mid-July, when Zimbra notified customers of its email server solution. The flaw allows an attacker to execute malicious code by sending emails containing specially crafted URLs to the targeted organization. READ MORE...
CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability
The US cybersecurity agency CISA added Sophos, Oracle and Microsoft product flaws to its Known Exploited Vulnerabilities (KEV) catalog on Thursday. The Sophos flaw that the agency says has been exploited in attacks is CVE-2023-1671, a critical Sophos Web Appliance vulnerability that can be exploited by an unauthenticated attacker for arbitrary code execution. Sophos announced patches in April, when it also informed customers that the impacted appliance would reach end of life on July 20, 2023. READ MORE...
Unpatched Critical Vulnerabilities Open AI Models to Takeover
Researchers have identified nearly a dozen critical vulnerabilities in the infrastructure used by AI models (plus three high- and two medium-severity bugs), which could leave companies at risk as they race to take advantage of AI. Some of them remain unpatched. The affected platforms are used for hosting, deploying, and sharing large language models (LLMs), and other ML platforms and AIs. READ MORE...
- ...in 1869, the Suez Canal opens in Egypt, linking the Mediterranean Sea and Red Sea.
- ...in 1942, American film director and producer Martin Scorsese ("Taxi Driver", "Goodfellas") is born in Queens, New York.
- ...in 1950, 15-year-old Tenzin Gyatso is enthroned as Tibet's 14th Dalai Lama.
- ...in 1978, the infamous "Star Wars Holiday Special" airs only once on CBS, but is not forgotten thanks to videotape and YouTube. Happy Life Day, everyone!