IT Security Newsletter - 11/28/2023
General Electric, DARPA Hack Claims Raise National Security Concerns
General Electric and the Defense Advanced Research Projects Agency (DARPA) have reportedly been breached, according to claims on the Dark Web that the organizations' highly sensitive stolen data is up for sale. A screen capture from the Dark Web ad shows a threat actor named IntelBroker selling access credentials, DARPA-related military information, SQL files, and more. GE confirmed to Dark Reading its knowledge of stolen data that's up for sale and that it's investigating the issue. READ MORE...
Hackers spent 2+ years looting secrets of chipmaker NXP before being detected
A prolific espionage hacking group with ties to China spent over two years looting the corporate network of NXP, the Netherlands-based chipmaker whose silicon powers security-sensitive components found in smartphones, smartcards, and electric vehicles, a news outlet has reported. The intrusion, by a group tracked under names including "Chimera" and "G0114," lasted from late 2017 to the beginning of 2020, according to Netherlands national news outlet NRC Handelsblad. READ MORE...
Should You Consolidate Security to Protect Your Hybrid Workforce?
In today's fast-changing world of hybrid networks and workforces, companies are at a pivotal moment for their security strategies. Everyone is exploring some form of cybersecurity transformation as legacy models show their age in the face of new threats and modern operations. With hybrid users accessing critical corporate data in various places, including public clouds, Software-as-a-Service (SaaS) applications, on-premises data centers, and more, it's time to question the security status quo. READ MORE...
Healthcare giant Henry Schein hit twice by BlackCat ransomware
American healthcare company Henry Schein has reported a second cyberattack this month by the BlackCat/ALPHV ransomware gang, who also breached their network in October. Henry Schein is a Fortune 500 healthcare products and services provider with operations and affiliates in 32 countries and a revenue of over $12 billion reported in 2022. It first disclosed on October 15 that it had to take some systems offline to contain another cyberattack that impacted its business one day before. READ MORE...
Ardent Health Hospitals Disrupted After Ransomware Attack
Ardent Health Services, headquartered in Nashville, Tenn., and operating in six different states, fell victim to a ransomware attack in late November that has taken its entire network offline. Some 30 hospitals have been affected by this ransomware attack. While the attack didn't disrupt patient care in Ardent hospitals, those in need of emergency medical attention are being redirected to other hospitals, as are some patients scheduled for non-emergent, elective procedures. READ MORE...
Ransomware attack on indie game maker wiped all player accounts
A ransomware attack on the "Ethyrial: Echoes of Yore" MMORPG last Friday destroyed 17,000 player accounts, deleting their in-game items and progress in the game. Ethyrial: Echoes of Yore is a free-to-play old-school MMORPG developed by indie game publisher 'Gellyberry Studios.' The title is available on Steam as an 'Early Access' release, meaning it is still in an early development phase and relies on monthly subscriptions and community support to continue its development. READ MORE...
Europol shutters ransomware operation with kingpin arrests
International law enforcement investigators have made a number of high-profile arrests after tracking a major cybercrime group for more than four years. A joint investigation team (JIT), spearheaded by French authorities, formed in 2019 to bring down a ransomware group linked to major attacks across the world. Announcing the news today, Europol said that five individuals were arrested, including the 32-year-old leader of the group and four of its "most active accomplices." READ MORE...
Los Angeles SIM Swapper Sentenced to 8 Years in Prison
Amir Hossein Golshan, 25, of Los Angeles, was sentenced to 96 months in prison for perpetrating multiple cybercrime schemes, including one involving SIM swapping. Between April 2019 and February 2023, Golshan caused roughly $740,000 in losses to hundreds of victims, as a result of various online scams and unauthorized access to digital accounts. According to court documents, Golshan took over victims' social media accounts, impersonated Apple support, and engaged in Zelle payment fraud schemes. READ MORE...
Critical Vulnerability Found in Ray AI Framework
A critical vulnerability in Ray, an open source compute framework for AI, could allow unauthorized access to all nodes, cybersecurity firm Bishop Fox warns. Tracked as CVE-2023-48023, the bug exists because Ray does not properly enforce authentication on at least two of its components, namely the dashboard and client. A remote attacker can abuse this issue to submit or delete jobs without authentication. Furthermore, the attacker could retrieve sensitive information and execute arbitrary code. READ MORE...
Trio of major holes in ownCloud expose admin passwords, allow unauthenticated file mods
ownCloud has disclosed three critical vulnerabilities, the most serious of which leads to sensitive data exposure and carries a maximum severity score. The open source file-sharing software company said containerized deployments of ownCloud could expose admin passwords, mail server credentials, and license keys. Tracked as CVE-2023-49103, the vulnerability carries a maximum severity rating of 10 on the CVSS v3 scale and affects the graphapi app version 0.2.0 to 0.3.0. READ MORE...
- ...in 1520, Portuguese navigator Ferdinand Magellan successfully navigates a passage between the Atlantic and Pacific oceans, later known as the Straits of Magellan.
- ...in 1925, the Grand Ole Opry makes its first live radio broadcast from Nashville.
- ...in 1950, actor Ed Harris ("The Right Stuff", "Westworld") is born in Englewood, NJ.
- ...in 1964, NASA launches the Mariner 4 probe to Mars. It would perform the first successful flyby of Mars, sending the first ever images of another planet taken from deep space.