
IT Security Newsletter - 12/20/2023

Top News

Wolverine-developer Insomniac Games sees 1.67TB of secrets leaked in data breach

Acclaimed Sony-owned game development studio Insomniac Games became the victim of a large-scale ransomware attack this week, as initially reported by Cyber Daily. Ransomware group Rhysida dumped 1.67TB of data, including assets and story spoilers from unreleased games, a road map of upcoming titles, internal company communications, employees' personal data such as passport scans and compensation figures, and much more.

Breaches

New Web injections campaign steals banking data from 50,000 people

A new malware campaign that emerged in March 2023 used JavaScript web injections to try to steal the banking data of over 50,000 users of 40 banks in North America, South America, Europe, and Japan. IBM's security team discovered this evasive threat and reported that the campaign has been under preparation since at least December 2022, when the malicious domains were purchased.


Healthcare software provider data breach impacts 2.7 million

ESO Solutions, a provider of software products for healthcare organizations and fire departments, disclosed that data belonging to 2.7 million patients has been compromised as a result of a ransomware attack. According to the notification, the intrusion occurred on September 28 and resulted in data being exfiltrated before the hackers encrypted a number of company systems.

Hacking

Chinese, Russian interference attempts on 2022 midterms didn't impact voting, intelligence agencies say

Chinese and Russian targeting of U.S. election infrastructure during the 2022 midterms didn't impact voting, according to the findings of a U.S. intelligence community report released on Monday that concluded that foreign efforts to meddle in U.S. elections have shifted toward sowing division and fueling distrust among the electorate. The report assessed that the "aggregate scale and scope of foreign activity targeting the U.S. midterm elections exceeded" what was detected during the 2018 midterms.


3,500 Arrested, $300 Million Seized in International Crackdown on Online Fraud

As part of an international effort to tackle online financial fraud, authorities in 34 countries have arrested approximately 3,500 suspects and seized roughly $300 million worth of assets, Interpol announced on Tuesday. The six-month operation, named HAECHI IV, targeted business email compromise (BEC), ecommerce fraud, investment fraud, voice phishing, money laundering associated with illegal online gambling, romance scams, and online sextortion schemes.

Software Updates

Mozilla Patches Firefox Vulnerability Allowing Remote Code Execution, Sandbox Escape

Mozilla on Tuesday announced security updates for both Firefox and Thunderbird, to address 20 vulnerabilities, including several memory safety issues. Firefox 121 was released with patches for 18 vulnerabilities, five of which have a 'high' severity rating. At the top of the list is CVE-2023-6856, a heap buffer overflow bug in WebGL, the JavaScript API for rendering interactive graphics within the browser.

Malware

New MetaStealer malvertising campaigns

MetaStealer is a popular piece of malware that came out in 2022, leveraging the previous code base from RedLine. Stealers have become a very hot commodity in the criminal space, so much so that there is competition between various groups. Threat actors have primarily used malspam as an infection vector to drop MetaStealer as well as cracked software via stolen YouTube accounts, but it was at least once previously seen in a malvertising campaign.


BlackCat Ransomware Raises Ante After FBI Disruption

The U.S. Federal Bureau of Investigation (FBI) disclosed today that it infiltrated the world's second most prolific ransomware gang, a Russia-based criminal group known as ALPHV and BlackCat. The FBI said it seized the gang's darknet website, and released a decryption tool that hundreds of victim companies can use to recover systems. Meanwhile, BlackCat responded by briefly "unseizing" its darknet site with a message promising 90 percent commissions for affiliates who continue to work with the crime group.


Targeted F5 Vulnerability 'Update' Delivers Wiper to Israeli Victims

Israel's National Cyber Directorate (NCD) has issued an "urgent warning" about a targeted email campaign impersonating F5 Networks that delivers a dangerous wiper malware. The lure for the attack is a critical authentication bypass vulnerability in F5's BIG-IP, disclosed in late October. At the time, F5 said one way to resolve the vulnerability was to download and run a special shell script file on the BIG-IP system.

Exploits/Vulnerabilities

SSH shaken, not stirred by Terrapin vulnerability

A vulnerability in the SSH protocol can be exploited by a well-placed adversary to weaken the security of people's connections, if conditions are right. In a successful man-in-the-middle attack, the adversary may be able to force SSH clients to use weaker authentication methods and disable some defense mechanisms. It is hard right now to pin down the true realistic impact of the flaw because it all depends on individual client-server configurations, implementations of the protocol, and other variables.


Microsoft Outlook Zero-Click Security Flaws Triggered by Sound File

Researchers this week disclosed details on two security vulnerabilities in Microsoft Outlook that, when chained together, give attackers a way to execute arbitrary code on affected systems without any user interaction. Unusually, both of them can be triggered using a sound file. One of the flaws, tracked as CVE-2023-35384, is actually the second patch bypass that researchers at Akamai have uncovered for a critical privilege escalation vulnerability in Outlook that Microsoft first patched in March.

On This Date

  • ...in 1868, businessman Harvey Firestone, founder of the Firestone Tire and Rubber Company, is born in Columbiana, OH.
  • ...in 1946, the beloved Frank Capra classic "It's A Wonderful Life" opens in New York City. Surprisingly, it was a box office bomb, losing over $525,000 for RKO.
  • ...in 1954, novelist Sandra Cisneros ("The House on Mango Street") is born in Chicago, IL.
  • ...in 2007, Queen Elizabeth II becomes the oldest living monarch of the United Kingdom, surpassing Queen Victoria's nearly 82-year lifespan.