<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 12/7/21

SHARE

Breaches

Cuba Ransomware Gang Hauls in $44M in Payouts

The "Cuba" ransomware gang has settled into a groove, compromising at least 49 entities in five critical sectors in the U.S. as of November, the FBI has warned. In a flash alert, the Feds attributed a rash of attacks on U.S. entities in the financial, government, healthcare, manufacturing and information technology sectors to the group. Collectively, the hits resulted in the extortion of $44 million in ransom payments. READ MORE...

Hacking

SolarWinds hackers have a whole bag of new tricks for mass compromise attacks

Almost exactly a year ago, security researchers uncovered one of the worst data breaches in modern history, if not ever: a Kremlin-backed hacking campaign that compromised the servers of network management provider SolarWinds and, from there, the networks of 100 of its highest-profile customers, including nine US federal agencies. Nobelium-the name Microsoft gave to the intruders-was eventually expelled, but the group never gave up. READ MORE...


Hackers Steal $150 Million Worth of Cryptocurrency From BitMart

Cryptocurrency trading platform BitMart on Sunday announced that it has suspended withdrawals after discovering a cybersecurity incident that resulted in the theft of roughly $150 million worth of assets. The platform claims that only the Ethereum (ETH) and Binance Smart Chain (BSC) hot wallets were impacted, and notes that the two wallets were compromised using stolen private keys. READ MORE...

Software Updates

Google Patches Serious Use-After-Free Vulnerabilities in Chrome

Google on Monday announced the rollout of a new security update for Chrome, to address 20 vulnerabilities in the browser, including 16 reported by external researchers. Of these 16 security errors, 15 are rated high severity. Nearly half of them are use-after-free bugs affecting various components of the browser. The most severe of these issues affects the web apps component. Tracked as CVE-2021-4052, it was reported by Wei Yuan of MoyunSec VLab, who received a $15,000 bug bounty payout for the finding. READ MORE...

Exploits/Vulnerabilities

Twitter bots pose as support staff to steal your cryptocurrency

Scammers monitor every tweet containing requests for support on MetaMask, TrustWallet, and other popular crypto wallets, and respond to them with scam links in just seconds. To conduct these targeted phishing attacks, scammers abuse Twitter APIs that allow them to monitor all public tweets for specific keywords or phrases. READ MORE...

On This Date

  • ...in 1941, a date which will live in infamy, Pearl Harbor is attacked in an air raid by the Imperial Forces of Japan, bringing the United States into World War II.
  • ...in 1949, singer-songwriter and actor Tom Waits ("Rain Dogs", "Down By Law") is born in Pomona, CA.
  • ...in 1965, actor Jeffrey Wright ("Westworld", "Casino Royale") is born in Washington, D.C.
  • ...in 1972, Apollo 17 is launched, the final mission of the Apollo program. It is the most recent time that humans travelled beyond low Earth orbit.