<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 11/30/2023

SHARE

Breaches

2 municipal water facilities report falling to hackers in separate breaches

In the stretch of a few days, two municipal water facilities that serve more than 2 million residents in parts of Pennsylvania and Texas have reported network security breaches that have hamstrung parts of their business or operational processes. In response to one of the attacks, the Municipal Water Authority of Aliquippa in western Pennsylvania temporarily shut down a pump providing drinking water from the facility's treatment plant to the townships of Raccoon and Potter. READ MORE...


Dollar Tree hit by third-party data breach impacting 2 million people

Discount store chain Dollar Tree was impacted by a third-party data breach affecting 1,977,486 people after the hack of service provider Zeroed-In Technologies. Dollar Tree is a discount retail company that operates the Dollar Tree and Family Dollar stores in 23,000 locations in the United States and Canada. According to a data breach notification shared with the Maine Attorney General, Dollar Tree's service provider, Zeroed-In, suffered a security incident between August 7 and 8, 2023. READ MORE...

Hacking

Japanese Space Agency JAXA hacked in summer cyberattack

The Japan Aerospace Exploration Agency (JAXA) was hacked in a cyberattack over the summer, which may have put sensitive space-related technology and data at risk. The security breach was discovered this autumn when law enforcement authorities alerted Japan's space agency that its systems were compromised. Confirming the infiltration, Chief Cabinet Secretary of Japan Hirokazu Matsuno revealed in a press conference that the attackers gained access to the agency's Active Directory (AD) server. READ MORE...

Trends

For financial services firms, a pattern of malicious cyber activity is emerging

The suspected ransomware attack against Fidelity National Financial comes amid a backdrop of heightened threat activity targeting the financial services industry. Fidelity, one of the nation's largest title insurance companies, shut down some of its systems last week after a suspected threat group gained access to the company's systems and stole credentials. The incident comes just weeks after a suspected ransomware attack against the U.S. trading arm of the Industrial and Commercial Bank of China. READ MORE...

Malware

Why Ransomware Could Surge in the Middle East & Africa

Cybercrime - and especially ransomware - traditionally have had an uneven impact across the Middle East and Africa (ME&A), yet recent data suggests that ongoing geopolitical conflicts will likely raise the overall level of cyberattacks across the regions. South Africa saw a significant surge in attacks, with 78% of companies hit by ransomware in 2023, compared to 51% in 2022, according to the State of Ransomware 2023 report published by Sophos earlier this year. READ MORE...


Black Basta ransomware operation nets over $100M from victims in less than two years

The Black Basta ransomware group has reportedly generated upwards of $100 million in revenue since it started operations in April 2022. Joint research from Corvus Insurance and blockchain analysis company Elliptic estimates the crew has scooped up at least $107 million in criminal proceeds after analyzing payments made to its known cryptocurrency wallet addresses. Black Basta is believed to be a ransomware offshoot of the former Conti group, assembled before its closure in May 2022. READ MORE...

Exploits/Vulnerabilities

Weak session keys let snoops take a byte out of your Bluetooth traffic

Multiple Bluetooth chips from major vendors such as Qualcomm, Broadcom, Intel, and Apple are vulnerable to a pair of security flaws that allow a nearby miscreant to impersonate other devices and intercept data. The weaknesses were identified by Daniele Antonioli, an assistant professor at French graduate school and research center EURECOM's software and system security group. READ MORE...

On This Date

  • ...in 1835, author Samuel Langhorne Clemens, better known by the pen name Mark Twain, is born in Missouri.
  • ...in 1955, actor Kevin Conroy, the voice of Batman in dozens of animated films, TV series, and video games, is born in Westbury, NY.
  • ...in 1982, Michael Jackson's "Thriller", the best-selling album of all time, is released.
  • ...in 1995, Operation Desert Storm officially ends, more than four years after the end of its six-week combat phase in January/February 1991.