<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 12/11/2023

SHARE

Breaches

Norton Healthcare discloses data breach after May ransomware attack

Kentucky health system Norton Healthcare has confirmed that a ransomware attack in May exposed personal information belonging to patients, employees, and dependents. Norton Healthcare serves adult and pediatric patients in more than 40 clinics and hospitals across Greater Louisville, Southern Indiana, and the Commonwealth of Kentucky. Norton Healthcare is Louisville's second-largest employer, with more than 140 locations throughout Greater Louisville and Southern Indiana. READ MORE...

Hacking

That call center tech scammer could be a human trafficking victim

Human trafficking for the purposes of populating cyber scam call centers is expanding beyond southeast Asia, where the crime was previously isolated. Interpol revealed this week that an ongoing investigation has discovered evidence of abuse emanating from South America and also the Middle East. Cambodia, Laos, and Myanmar have typically been the hotspots of this type of crime since 2021 when it was first tracked by Interpol. READ MORE...


Kelvin Security hacking group leader arrested in Spain

The Spanish police have arrested one of the alleged leaders of the 'Kelvin Security' hacking group, which is believed to be responsible for 300 cyberattacks against organizations in 90 countries since 2020. News of the arrest of a leader of the financial component of the group was posted to the Spanish National Police's Telegram channel Sunday morning, stating that the threat actors are linked to attacks on government institutions across Spain, Germany, Italy, Argentina, Chile, Japan, and the United States. READ MORE...

Trends

Data breaches fallout reach new heights as the number of exposed records soars

Cyberattacks and data breaches are exposing personal data at an ever-growing rate, according to an Apple-commissioned study conducted by Stuart Madnick, professor of IT at Massachusetts Institute of Technology, published Thursday. More than 2.6 billion personal records were compromised in 2021 and 2022, and the number of records breached jumped 36% in 2022 to 1.5 billion, the report said. READ MORE...

Software Updates

Apache Patches Critical RCE Vulnerability in Struts 2

The Apache Software Foundation over the weekend announced security updates that address a critical-severity file upload vulnerability in the Struts 2 open source development framework, warning that it could be exploited to execute arbitrary code remotely. The issue, tracked as CVE-2023-50164, is described as a flaw in the file upload logic, which could allow an "attacker to enable paths with traversals". No technical details have been published. READ MORE...

Malware

Law Enforcement Reportedly Behind Takedown of BlackCat/Alphv Ransomware Website

The Tor-based BlackCat/Alphv leak site has been inaccessible since December 7. Threat intelligence company RedSense reported the following day that the website was taken down by law enforcement. In an update on Sunday, the company said, "RedSense Chief Research Officer Yelisey Bohuslavkiy confirms that the threat actors, including BlackCat's affiliates and initial access brokers, are convinced that the shutdown was caused by a law enforcement action." READ MORE...


Stealthy Linux rootkit found in the wild after going undetected for 2 years

Stealthy and multifunctional Linux malware that has been infecting telecommunications companies went largely unnoticed for two years until being documented for the first time by researchers on Thursday. Researchers from security firm Group-IB have named the remote access trojan "Krasue," after a nocturnal spirit depicted in Southeast Asian folklore. The researchers chose the name because evidence to date shows it almost exclusively targets victims in Thailand. READ MORE...

Information Security

The 9 best cybersecurity podcasts, according to security practitioners

Security teams are busier than ever, so it's no surprise that practitioners are leaning heavily on podcasts to keep up to date with cybersecurity news, ideas, and tools. The data backs this up - according to the 2023 Voice of the SOC report, 83% of security pros listen to at least one cybersecurity podcast. So which podcasts are security professionals listening to? READ MORE...

Exploits/Vulnerabilities

North Korean hacking ops continue to exploit Log4Shell

Two years after the Log4j vulnerability was revealed, North Korean hackers are continuing to use the flaw in a ubiquitous piece of open source software to carry out attacks as part of a hacking campaign targeting manufacturing, agricultural and physical security entities, according to research released Monday. Carried out over the course of 2023, the campaign employed at least three new malware families and relied, in part, on the Log4Shell exploit. READ MORE...


Russian Espionage Group Hammers Zero-Click Microsoft Outlook Bug

An espionage group linked to the Russian military continues to use a zero-click vulnerability in Microsoft Outlook in attempts to compromise systems and gather intelligence from government agencies in NATO countries, as well as the United Arab Emirates (UAE) and Jordan in the Middle East. A spate of recent attacks in September and October by the Fighting Ursa group is the third wave to use the dangerous Outlook privilege-escalation vulnerability, tracked as CVE-2023-23397. READ MORE...

On This Date

  • ...in 1922, actress Maila Nurmi, best known as the original 1950s TV "horror host" Vampira, is born in Gloucester, MA.
  • ...in 1926, rhythm and blues singer/songwriter Willie Mae Thornton, AKA Big Mama Thornton, the first artist to record "Hound Dog", is born in Ariton, AL.
  • ...in 1968, the Rolling Stones put on the "Rock and Roll Circus" show in London, playing alongside Jethro Tull, the Who, Taj Mahal, and Marianne Faithfull.
  • ...in 1974, pro wrestler and lucha libre ambassador Oscar Gutierrez (better known by his ring name, Rey Mysterio) is born in Chula Vista, CA.