<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 12/08/2020

SHARE

Hacking

Foxconn electronics giant hit by ransomware, $34 million ransom

Foxconn electronics giant suffered a ransomware attack at a Mexican facility over the Thanksgiving weekend, where attackers stole unencrypted files before encrypting devices. Foxconn is the largest electronics manufacturing company globally, with recorded revenue of $172 billion in 2019 and over 800,000 employees worldwide. Foxconn subsidiaries include Sharp Corporation, Innolux, FIH Mobile, and Belkin. BleepingComputer has been tracking a rumored Foxconn ransomware attack. READ MORE...


PlayStation Now bugs let sites run malicious code on Windows PCs

Security bugs found in the PlayStation Now (PS Now) cloud gaming Windows application allowed attackers to execute arbitrary code on Windows devices running vulnerable app versions. PlayStation Now reached more than 2.2 million subscribers [PDF] at the end of April 2020 since the service's launch in 2014. The vulnerabilities discovered by bug bounty hunter Parsia Hakimian affected PS Now version 11.0.2 and earlier on computers running Windows 7 SP1 or later. READ MORE...

Malware

Rana Android Malware Updates Allow WhatsApp, Telegram IM Snooping

Researchers have discovered new samples of a previously discovered Android malware, which is believed to be linked to the APT39 Iranian cyberespionage threat group. The new variant comes with new surveillance capabilities - including the ability to snoop on victims' Skype, Instagram and WhatsApp instant messages. According to U.S. feds, the developers of this malware are allegedly operating under the guise of a front company, Rana Intelligence Computing Co., which has been linked to APT39. READ MORE...

Information Security

Recruitment giant Randstad hit by ransomware, sensitive data stolen

One of the world's leading recruitment agencies has found itself the victim of ransomware. In a statement published on Thursday last week, Randstad said that it had "recently become aware of malicious activity" on its network. That "malicious activity" was the Egregor ransomware, and although Randstad says that its operations have not been compromised by the security breach it does acknowledge that the hacker accessed - and have subsequently published - sensitive data: "To date, [...]" READ MORE...

Exploits/Vulnerabilities

NSA warns of Russian government-backed hackers aiming at US defense sector targets

The National Security Agency issued an alert Monday warning U.S. defense contractors to be on alert for Russian state-sponsored hackers exploiting a recently announced vulnerability. The software issue, which affects VMware Workspace One Access, Access Connector, Identity Manager and Identity Manager Connector, is known as a Command Injection Vulnerability, and could allow attackers to execute arbitrary commands on targets. READ MORE...


Researcher Awarded $15,000 for Code Execution Flaw in PlayStation Now App

A critical vulnerability addressed earlier this year in the PlayStation Now application for Windows could have been exploited by malicious websites to execute arbitrary code. The PlayStation Now application allows users to access an on-demand game collection directly from their Windows PCs. To enjoy the games, users also need a PlayStation Network account and a compatible controller. As part of Sony's bug bounty program on HackerOne, a security researcher that goes by the handle of "parsiya". READ MORE...

Encryption

Russian Sentenced to French Prison for Bitcoin Laundering

A Russian bitcoin expert at the center of a multi-country legal tussle was sentenced in Paris on Monday to five years in prison for money laundering and ordered to pay 100,000 euros (more than $120,000) in fines in a case of suspected cryptocurrency fraud. A court acquitted Alexander Vinnik of charges of extortion and association with a criminal enterprise, according to his lawyers. Vinnik denies wrongdoing, and his lawyers are discussing whether to appeal. READ MORE...

On This Date

  • ...in 1894, cartoonist E.C. Segar, best known as the creator of Popeye the Sailor, is born Santa Monica, CA.
  • ...in 2010, SpaceX becomes the first private aerospace company to successfully launch, orbit, and recover a spacecraft.
  • ...in 2013, heavy metal band Metallica perform a concert in Antarctica, becoming the first musical group to play on all seven continents.
  • ...is 1861, French filmmaker and early special-effects pioneer Georges Melies ("A Trip to the Moon") is born in Paris.