IT Security Newsletter - 12/19/2022

Top News

CISA researchers: Russia's Fancy Bear infiltrated US satellite network

Researchers at the Cybersecurity and Infrastructure Security Agency recently discovered suspected Russian hackers lurking inside a U.S. satellite network, raising fresh concerns about Moscow's intentions to infiltrate and disrupt the rapidly expanding space economy. While details of the attack are scant, researchers blamed the incident on the Russian military group known as Fancy Bear, or APT28. It involved a satellite communications provider with customers in U.S. critical infrastructure sectors. READ MORE...

Breaches

Restaurant CRM platform 'SevenRooms' confirms breach after data for sale

Restaurant customer management platform SevenRooms has confirmed it suffered a data breach after a threat actor began selling stolen data on a hacking forum. SevenRooms is a restaurant customer relationship management (CRM) platform used by international restaurant chains and hospitality service providers, such as MGM Resorts, Bloomin' Brands, Mandarin Oriental, Wolfgang Puck, and many more. READ MORE...

Hacking

Iran-Backed Charming Kitten APT Eyes Kinetic Ops, Kidnapping

State-sponsored advanced persistent threat (APT) Charming Kitten (aka TA453), which is purportedly linked to the Islamic Revolutionary Guard Corps (IRGC), has updated its phishing techniques and is using malware and more confrontational lures, possibly in service to kidnapping operations. Since 2020, Proofpoint researchers have observed variations in phishing activity by the APT, with the group employing new methods and pursuing different targets than in the past. READ MORE...

Software Updates

Update now! Apple patches active exploit vulnerability for iPhones

Apple has released new security content for iOS 16.1.2 and Safari 16.2. Normally we would say that Apple pushed out updates, but in this mysterious case the advisory is about an iPhone software update Apple released two weeks ago. As it turns out, that update fixed a zero-day security vulnerability that was actively exploited. The updates should all have reached you in your regular update routines, but it doesn't hurt to check if your device is at the latest update level. READ MORE...

Malware

Microsoft warns of new Minecraft DDoS malware infecting Windows, Linux

A new cross-platform malware botnet named 'MCCrash' is infecting Windows, Linux, and IoT devices to conduct distributed denial of service attacks on Minecraft servers. The botnet was discovered by Microsoft's Threat Intelligence team, who report that once it infects a device, it can self-spread to other systems on the network by brute-forcing SSH credentials. READ MORE...


Glupteba Botnet Still Active Despite Google's Disruption Efforts

An analysis conducted by OT and IoT cybersecurity firm Nozomi Networks shows that the Glupteba botnet is still active following Google's efforts to disrupt the cybercrime operation. The Glupteba botnet is powered by a large number of compromised Windows devices. The malware can steal user credentials and other data, mine cryptocurrencies, and turn devices into proxies. It leverages cryptocurrency blockchains to protect its command and control (C&C) structure. READ MORE...

Information Security

US Food Companies Warned of BEC Attacks Stealing Food Product Shipments

The Federal Bureau of Investigation (FBI), the Food and Drug Administration Office of Criminal Investigations (FDA OCI), and the US Department of Agriculture (USDA) are raising alarm on business email compromise (BEC) attacks leading to the theft of shipments of food products and ingredients. Typically used to steal money, BEC involves threat actors compromising email accounts at target companies and then targeting employees in charge of making payments with fraudulent emails. READ MORE...

Exploits/Vulnerabilities

Researcher Bypasses Akamai WAF

Akamai's Web application firewall (WAF) is intended to fend off potential attacks like distributed denial-of-service (DDoS), but a researcher discovered a way to bypass its protections by using complex payloads to confuse its rules. The researcher, known as Peter H., along with Usman Mansha, said Akamai has since patched against the vulnerability, which was not assigned a CVE number. In the write-up, Peter H. explained how he used a vulnerable version of Spring Boot to bypass WAF protections. READ MORE...

Encryption

NIST bids adieu to SHA-1 cryptographic algorithm

A cryptographic algorithm standard first published almost 30 years ago has reached the end of the road, the National Institute of Standards and Technology said Thursday. While NIST reemphasized the need for anyone relying on secure hash algorithm (SHA-1) for security to migrate to newer and more advanced algorithms in SHA-2 or SHA-3, the issue remains only moderately urgent. READ MORE...

On This Date

  • ...in 1776, Thomas Paine publishes the first of a series of pamphlets entitled "The American Crisis", opening with the famous words: "These are the times that try men's souls."
  • ...in 1843, Charles Dickens' classic novella "A Christmas Carol" is published. The first edition sells out by Christmas Eve.
  • ...in 1918, New Orleans blues singer and pianist Professor Longhair (born Henry Roeland Byrd) is born in Bogalusa, LA.
  • ...in 1942, pro wrestling announcer "Mean" Gene Okerlund is born in South Dakota.
  • ...in 1998, President Bill Clinton is impeached by the US House of Representatives, becoming the nation's second Chief Executive to be charged with misconduct while in office.