Details of Attack on Electric Utility Emerge
For the first time, a malware attack is known to have caused service disruptions of the power grid in three states. The March 5 distributed denial-of-service (DDoS) attack against a Salt Lake City-based renewable energy developer triggered communications outages over the course of 12 hours that affected electric utilities in Utah, Wyoming, and California.
BlueKeep Attacks Have Arrived, Are Initially Underwhelming
The wave of BlueKeep attacks that security experts predicted could take down systems globally have arrived, but they are not in showing the form nor the destructive impact experts initially feared. Security researchers have seen evidence of the first wave of attacks on the zero-day Windows Remote Desktop vulnerability revealed by Microsoft in May. At the time experts said BlueKeep posed threat to millions of internet-connected systems, with the capability to spread an automated worm from computer to computer, including nearly 1 million endpoints connected to the Internet of Things (IoT).
BEC Fraudsters Divert $742,000 from Ocala City in Florida
The City of Ocala in Florida fell victim to a business email compromise scam (BEC) that ended with redirecting over $742,000 to a bank account controlled by the fraudster(s). The swindle involved a phishing email impersonating an employee of a construction company the city is using to build a new terminal at the Ocala International Airport. It started in September when a city senior accounting specialist received an email from a counterpart at Ausley Construction further payments be sent to a different bank account than the regular one.
Two men plead guilty to 2016 Uber and LinkedIn hacks
Two men have pleaded guilty to a 2016 hack against systems belonging to Uber and LinkedIn and to holding stolen data to ransom. Florida resident Brandon Glover and Canadian Vasile Mereacre appeared in court on Wednesday on charges of extortion and computer hacking. The pair confessed that they used Amazon Web Service credentials to access customer data from both companies and demanded bitcoin payments for its deletion.
Chrome Zero-Day Vulnerability Exploited in Korea-Linked Attacks
Google on Thursday patched a Chrome zero-day vulnerability that has been exploited to deliver malware in a campaign that shares similarities with previous Korea-linked attacks. Chrome 78.0.3904.87 for Windows, macOS and Linux patches two vulnerabilities. One of them is CVE-2019-13720, which Google has described as a high-severity use-after-free bug in the browser’s audio component. The tech giant says it’s aware of reports that the security flaw has been exploited in the wild.
Office for Mac Users Warned of Malicious SYLK Files
Microsoft Office for Mac users are being warned that malicious SYLK files are sneaking past endpoint defenses even when the “disable all macros without notification” is turned on. This leaves systems vulnerable to a remote, unauthenticated attackers who can execute arbitrary code. The warning comes from United States Computer Emergency Readiness Team (US-CERT), which said that symbolic link (SYLK) files can contain dangerous Extensible Markup Language (XML) macros.
