IT Security Newsletter - 12/2/2022

Top News

LastPass admits to customer data breach caused by previous breach

Back in August 2022, popular password manager company LastPass admitted to a data breach. The company, which is owned by software-as-a-service business GoTo, which used to be LogMeIn, published a very brief but nevertheless useful report about that incident about a month later. Briefly put, LastPass concluded that the attackers managed to implant malware on a developer's computer. READ MORE...

Breaches

Hive Social turns off servers after researchers warn hackers can access all data

Hive Social, a social media platform that has seen meteoric growth since Elon Musk took over Twitter, abruptly shut down its service on Wednesday after a security advisory warned the site was riddled with vulnerabilities that exposed all data stored in user accounts. "The issues we reported allow any attacker to access all data, including private posts, private messages, shared media and even deleted direct messages," the advisory claimed. READ MORE...

Hacking

Domain aging gang CashRewindo picks vintage sites to push malvertising

A sophisticated and very patient threat group behind a global malvertising scheme is using so-called aged domains to skirt past cybersecurity tools and catch victims in investment scams. The attackers behind the CashRewindo campaign in many ways operate in the same way as other malvertising crooks. They inject malicious code into digital advertisements on legitimate ad networks, using the infected ads to steer website visitors to pages that may install malware or run scams. READ MORE...

Trends

One Year After Log4Shell, Most Firms Are Still Exposed to Attack

The Log4j vulnerability continues to present a major threat to enterprise organizations one year after the Apache Software Foundation disclosed it last November - even though the number of publicly disclosed attacks targeting the flaw itself has been less than many might have initially expected. A high percentage of systems still remain unpatched against the flaw, and organizations face challenges in finding and remediating the issue. READ MORE...

Malware

Samsung, LG, Mediatek certificates compromised to sign Android malware

Multiple platform certificates used by Android OEM device vendors to digitally sign core system applications have also been used to sign Android apps containing malware. OEM Android device manufacturers use platform certificates, or platform keys, to sign devices' core ROM images containing the Android operating system and associated apps. If apps are signed with the same platform certificate and assigned the highly privileged user id, these apps will also gain system-level access to the Android device. READ MORE...


New Redigo malware drops stealthy backdoor on Redis servers

A new Go-based malware threat that researchers call Redigo has been targeting Redis servers vulnerable to CVE-2022-0543 to plant a stealthy backdoor and allow command execution. CVE-2022-0543 is a critical vulnerability in Redis (Remote Dictionary Server) software with a maximum severity rating. It was discovered and fixed in February 2022. Attackers continued to leverage it on unpatched machines several months after the fix came out, as proof-of-concept exploit code became publicly available. READ MORE...

Exploits/Vulnerabilities

Anker's Eufy lied to us about the security of its security cameras

Anker has built a remarkable reputation for quality over the past decade, building its phone charger business into an empire spanning all sorts of portable electronics - including the Eufy home security cameras we've recommended over the years. So you can imagine our surprise to learn you can stream video from a Eufy camera, from the other side of the country, with no encryption at all. READ MORE...


Mitsubishi Electric PLCs Exposed to Attacks by Engineering Software Flaws

Researchers at industrial cybersecurity firm Nozomi Networks have discovered three vulnerabilities in Mitsubishi Electric's GX Works3 engineering workstation software that could be exploited to hack safety systems. GX Works3 is the configuration and programming software provided by Mitsubishi Electric for its MELSEC iQ-F and iQ-R programmable logic controllers (PLCs). READ MORE...

On This Date

  • ...in 1823, President James Monroe proclaims American neutrality in future European conflicts, and warns Europe not to interfere in American affairs.
  • ...in 1902, the first working V-8 engine is patented in France by engineer Leon Levavasseur.
  • ...in 1942, Enrico Fermi directs and controls the first nuclear chain reaction in his laboratory at the University of Chicago.
  • ...in 1968, actress and producer Lucy Liu ("Ally McBeal", "Kill Bill") is born in Queens, NY.