IT Security Newsletter

IT Security Newsletter - 12/1/2021

Written by Cadre | Wed, Dec 1, 2021

Panasonic's Data Breach Leaves Open Questions

Consumer electronics giant Panasonic's data breach raises questions, researchers say - given that more than two weeks after the incident was discovered, it's unclear if customers' personal information has been impacted. On Friday, Panasonic confirmed that its "network was illegally accessed by a third party on November 11, 2021," and that "some data on a file server had been accessed during the intrusion." READ MORE...

State-backed hackers increasingly use RTF injection for phishing

Three APT hacking groups from India, Russia, and China, were observed using a novel RTF (rich text format) template injection technique in their recent phishing campaigns. This technique is a simple yet effective method to retrieve malicious content from a remote URL, and threat analysts expect it to reach a wider audience of threat actors soon. Researchers at Proofpoint spotted the first cases of weaponized RTF template injection in March 2021. READ MORE...

FBI seized $2.3M from affiliate of REvil, Gandcrab ransomware gangs

The FBI seized $2.3 million in August from a well-known REvil and GandCrab ransomware affiliate, according to court documents seen by BleepingComputer. In a complaint unsealed today, the FBI seized 39.89138522 bitcoins worth approximately $2.3 million at current prices ($1.5 million at time of seizure) from an Exodus wallet on August 3rd, 2021. Exodus is a desktop or mobile wallet that owners can use to store cryptocurrency, including Bitcoin, Ethereum, Solana, and many others. READ MORE...

HP Issues Firmware Updates for Printer Product Vulnerabilities

HP Inc. has issued firmware updates for multiple security vulnerabilities that affect more than 150 models of its multifunction printer (MFP) products. These issues are not particularly easy to exploit. However, they present a threat to enterprise organizations because they give attackers a means to steal data and gain a foothold on a network, according to F-Secure researchers who discovered the bugs and reported them to HP in April 2021. READ MORE...

Yanluowang Ransomware Targeting U.S. Financial Corporations

Security researchers with Symantec believe that the Yanluowang ransomware is operated by a threat actor that was previously affiliated to the FiveHands group. Initially detailed in October, Yanluowang has been used in a series of targeted attacks against large organizations, despite being a new, seemingly undeveloped piece of malware. As part of the attacks, the adversary also employed AdFind for reconnaissance. READ MORE...

It's the flu season - FluBot, that is: Surge of info-stealing Android malware detected

FluBot, a family of Android malware, is circulating again via SMS messaging, according to authorities in Finland. The Nordic country's National Cyber Security Center (NCSC-FI) lately warned that scam messages written in Finnish are being sent in the hope that recipients will click the included link to a website that requests permission to install an application that's malicious. READ MORE...

Missouri Man Sentenced to Prison Over Role in SIM Swapping Scheme

A Missouri man has been sentenced to 10 months in prison for his role in a SIM swapping scheme that resulted in the theft of millions of dollars. The man, Garrett Endicott, 22, of Warrensburg, Johnson County, who pleaded guilty to his role in the scheme, was also ordered to pay $121,000 in restitution, the United States Department of Justice said on Tuesday. Endicott is the sixth member of the international hacking group "The Community" to have been sentenced in connection with the conspiracy. READ MORE...

  • ...in 1913, Henry Ford establishes the first assembly line for automobile production, which he modeled after the production line at Kahn's Meat Packing in Cincinnati.
  • ...in 1940, comedian/actor/writer Richard Pryor ("Silver Streak", "Jo Jo Dancer, Your Life is Calling") is born in Peoria, IL.
  • ...in 1945, actress/singer/comedian Bette Midler ("The Rose", "Hocus Pocus") is born in Honolulu, HI
  • ...in 1955, activist Rosa Parks is jailed for protesting Montgomery, AL's racial segregation laws, by refusing to give up her bus seat for a white passenger.