<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter

Get the latest headlines, summaries, and security news!

IT Security Newsletter - 11/18/2021

Hacking

RedCurl corporate espionage hackers resume attacks with updated tools

A crew of highly-skilled hackers specialized in corporate espionage has resumed activity, one of their victims this year being a large wholesale company in Russia. Tracked as RedCurl, the group attacked the Russian business twice this year, each time using carefully constructed spear-phishing emails with initial-stage malware. Active since 2018, RedCurl is responsible for at least 30 attacks against businesses in Russia (18 of them), Ukraine, Canada, Norway, the UK, and Germany. READ MORE...


PerSwaysion Phishing Campaign Continues to Be an Active Threat for Organizations

A phishing kit that has been used in thousands of attacks worldwide has been active for significantly longer than previously thought - and it continues to pose a potent threat to organizations across multiple sectors, new analysis shows. The kit, named PerSwaysion, is designed to give cybercriminals a way to launch a phishing campaign relatively easily and with little up-front effort. READ MORE...


Netflix Bait: Phishers Target Streamers with Fake Service Signups

The past year's massive migration of movie and television audiences to streaming services has provided scammers with a sweet opportunity to launch phishing attempts to lure would-be subscribers into giving up their payment information. Where there's payment data, cybercriminals are sure to follow, Kaspersky's Leonid Grustniy pointed out in his latest report, warning about phishing campaigns disguised to look like Netflix, Amazon Prime and other streaming service offers. READ MORE...

Trends

The COVID-19 crisis has fueled the increase of cybercrime in all its forms

The accelerated digitalization related to the COVID-19 pandemic has significantly influenced the development of a number of cyber threats, according to the new edition of Europol's Internet Organised Crime Threat Assessment. Criminals have been quick to abuse the current circumstances to increase profits, spreading their tentacles to various areas and exposing vulnerabilities, connected to systems, hospitals or individuals. READ MORE...

Malware

Russian ransomware gangs start collaborating with Chinese hackers

?There's some unusual activity brewing on Russian-speaking cybercrime forums, where hackers appear to be reaching out to Chinese counterparts for collaboration. These attempts to enlist Chinese threat actors are mainly seen on the RAMP hacking forum, which is encouraging Mandarin-speaking actors to participate in conversations, share tips, and collaborate on attacks. READ MORE...

Exploits/Vulnerabilities

Microsoft Informs Users of High-Severity Vulnerability in Azure AD

Microsoft on Wednesday informed customers about a recently patched information disclosure vulnerability affecting Azure Active Directory (AD). Tracked as CVE-2021-42306 (CVSS score of 8.1), the vulnerability exists because of the manner in which Automation Account "Run as" credentials are created when a new Automation Account is set up in Azure. READ MORE...


FBI Warns of Actively Exploited FatPipe Zero-Day Vulnerability

The Federal Bureau of Investigation (FBI) this week sounded the alarm on a zero-day vulnerability in FatPipe products that has been under active exploitation since at least May 2021. No CVE identifier has been issued for the security error yet, but FatPipe, which specializes in SD-WAN solutions, did confirm that its WARP, MPVPN, and IPVPN devices are affected by the issue. READ MORE...

On This Date

  • ...in 1872, Susan B. Anthony and 14 other women are arrested for illegally voting in that year's US presidential election.
  • ...in 1928, Walt Disney releases "Steamboat Willie", the first animated cartoon with synchronized sound.
  • ...in 1953, comics writer Alan Moore, the creator of "Watchmen" and "V For Vendetta", is born in Northampton, England.
  • ...in 1966, Sandy Koufax, ace pitcher for the Los Angeles Dodgers, retires from baseball. He started as a basketball player for the University of Cincinnati Bearcats.