
IT Security Newsletter - 12/03/2020



Aircraft maker Embraer admits hackers breached its systems and stole data

Embraer, a Brazilian manufacturer of aircraft, has disclosed that hackers managed to breach its computer systems, and steal data. Although Embraer may not be a household name, it is the world's third-largest producer of civil aircraft (after Boeing and Airbus), having delivered more than 8,000 aeroplanes to date. According to a press release issued by the firm, Embraer spotted it was being attacked on November 25 2020.

North Korean hackers ramp up coronavirus vaccine targeting

North Korean hackers have been on a bit of a coronavirus vaccine hacking spree. An espionage shop with suspected ties to the North Korean government has been working to breach multiple pharmaceutical companies working on coronavirus treatments in the U.S. and South Korea over the last several months, according to The Wall Street Journal. Johnson & Johnson and Novavax - both U.S.-based firms working on COVID-19 vaccines - have reportedly been targeted, as have South Korea-based Genexine.


Ransomware gang says they stole 2 million credit cards from E-Land

Clop ransomware is claiming to have stolen 2 million credit cards from E-Land Retail over a one-year period ending with last month's ransomware attack. E-Land Retail, a subsidiary of E-Land Global, operates numerous retail clothing stores, including New Core and NC Department Store. Last month, E-Land Retail had to shut down 23 NC Department Store and New Core locations after suffering a CLOP ransomware attack. At the time of the attack, E-Land Retail stated that sensitive customer data was safe.

K12 online schooling giant pays Ryuk ransomware to stop data leak

Online education giant K12 Inc. has paid a ransom after their systems were hit by Ryuk ransomware in the middle of November. K12 creates tailored online learning curriculums for students to learn from home while in kindergarten through 12th grade. Over 1 million students have utilized K12 to learn from home rather than in traditional public school environments. K12 announced this week that they suffered a ransomware attack in mid-November that caused them to lock down some of their IT systems.

Spotify Wrapped 2020 Rollout Marred by Pop Star Hacks

In the midst of its popular Spotify Wrapped 2020 playlist rollout of the year's most popular songs, the streaming service is grappling with a security breach, which affected the pages of some of its biggest stars, including Lana Del Rey, Dua Lipa, Future, Pop Smoke and others. Spotify is the most popular music streaming service in the world with 320 million users, according to the company. The target of the attack, according to the BBC, was a Spotify site specifically.

Software Updates

TrickBot Malware Scans Systems for UEFI/BIOS Vulnerabilities

TrickBot has been updated with functionality that allows it to scan the UEFI/BIOS firmware of the targeted system for vulnerabilities, security researchers have discovered. Around since 2016, the malware recently survived a takedown attempt that resulted in most of its command and control (C&C) domains becoming unresponsive. Since then, however, it received several updates that allow it not only to continue operation, but also to better survive similar attempts.


Mac users warned of more Ocean Lotus malware targeted attacks

Researchers at Trend Micro are warning of the latest incarnation of a backdoor trojan horse that has been used in the past to target Mac users. The Ocean Lotus gang, also known as APT 32, has previously been linked to the Vietnamese government and watering hole attacks that compromised websites belonging to the likes of Cambodia's Ministry of Defence, and various Vietnamese online newspapers and blogs.

Information Security

HMRC phishing scam abuses mail service to bypass spam filters

Threat actors are exploiting the legitimate SendGrid mailing service to spoof HMRC phishing emails that bypass spam filters. The known issue has been repeatedly exploited by scammers to evade detection from email security products, but no concrete solution has been found yet. SendGrid is an email delivery company providing infrastructure for sending out newsletters, promotional emails, and operational business emails such as shipping notifications.


One of the Internet's most aggressive threats could take UEFI malware mainstream

One of the Internet's most aggressive threats has just gotten meaner, with the ability to infect one of the most critical parts of any modern-day computer. Trickbot is a piece of malware that's notable for its advanced capabilities. Its modular framework excels at gaining powerful administrator privileges, spreading rapidly from computer to computer in networks and performing reconnaissance that identifies infected computers belonging to high-value targets.

Xerox DocuShare Bugs Allow Data Leaks

Xerox issued a fix for two vulnerabilities impacting its market-leading DocuShare enterprise document management platform. The bugs, if exploited, could expose DocuShare users to an attack resulting in the loss of sensitive data. On Wednesday, the Cybersecurity and Infrastructure Security Agency (CISA) issued a security bulletin urging users and administrators to apply a patch that plugged two security holes in recently released versions (6.6.1, 7.0, and 7.5) of Xerox's DocuShare.

On This Date

  • ...in 1930, French New Wave filmmaker Jean-Luc Godard ("Breathless", "Pierrot le Fou") is born in Paris.
  • ...in 1967, 53-year-old Lewis Washkansky receives the first human heart transplant in Cape Town, South Africa.
  • ...in 1968, Elvis Presley's '68 Comeback Special first airs on NBC.
  • ...in 1994, Sony releases the original PlayStation, the first home video game system to sell over 100 million units.