<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 11/19/2021

SHARE

Top News

Two Iranian hackers charged in sprawling effort to interfere in 2020 US election

A federal indictment unsealed Thursday accused two Iranian nationals of engaging in a sprawling effort to interfere in the 2020 U.S. elections - including by gaining access to confidential voter information from at least one state election website and attempting to access 11 states in total. The defendants, Seyyed Mohammad Hosein Musa Kazemi, 24, and Sajjad Kashian, 27, face charges of computer fraud, voter intimidation and transmission of interstate threats for the activity. READ MORE...

Breaches

California Pizza Kitchen Serves Up Employee SSNs in Data Breach

California Pizza Kitchen (CPK) served up more than tasty meals recently after a data breach exposed the names and Social Security numbers (SSNs) of more than 100,000 current and former employees. The "external system breach" occurred on Sept. 15 at the popular U.S. pizza chain and affected 103,767 people, according to a Data Breach Notification posted on the website of the Maine Attorney General. CPK, founded in Beverly Hills, Calif. in 1985, has more than 250 locations across 32 states. READ MORE...

Hacking

North Korean cyberspies target govt officials with custom malware

A state-sponsored North Korean threat actor tracked as TA406 was recently observed deploying custom info-stealing malware in espionage campaigns. The particular actor is attributed as one of several groups known as Kimsuky (aka Thallium). TA406has left traces of low-volume activity since 2018, primarily focusing on espionage, money-grabbing scams, and extortion. READ MORE...

Malware

Android malware BrazKing returns as a stealthier banking trojan

?The BrazKing Android banking trojan has returned with dynamic banking overlays and a new implementation trick that enables it to operate without requesting risky permissions. A new malware sample was analyzed by IBM Trusteer researchers who found it outside the Play Store, on sites where people end up after receiving smishing (SMS) messages. These HTTPS sites warn the prospective victim that they are using an outdated Android version and offer an APK that will allegedly update them to the latest version. READ MORE...


Hackers deploy Linux malware, web skimmer on e-commerce servers

Security researchers discovered that attackers are also deploying a Linux backdoor on compromised e-commerce servers after injecting a credit card skimmer into online shops' websites. The PHP-coded web skimmer (a script designed to steal and exfiltrate customers' payment and personal info) is added and camouflaged as a .JPG image file in the /app/design/frontend/ folder. The attackers use this script to download and inject fake payment forms on checkout pages displayed to customers by the hacked online shop. READ MORE...

Information Security

Thousands of Firefox users accidentally commit login cookies on GitHub

Thousands of Firefox cookie databases containing sensitive data are available on request from GitHub repositories, data potentially usable for hijacking authenticated sessions. These cookies.sqlite databases normally reside in the Firefox profiles folder. They're used to store cookies between browsing sessions. And they're findable by searching GitHub with specific query parameters, what's known as a search "dork." READ MORE...

On This Date

  • ...in 1863, President Lincoln delivers his historic Gettysburg Address at the dedication of the national cemetery at the battle site.
  • ...in 1959, the Ford Motor Company announces the discontinuation of the notoriously unpopular Edsel.
  • ...in 1969, Brazilian football star Pele scores his 1,000th career goal.
  • ...in 1985 President Ronald Reagan and Premier Mikhail Gorbachev hold their first summit meeting.