<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 12/29/2020

SHARE

Breaches

Finnish lawmakers' emails hacked in suspected espionage incident

Hackers gained access to the Finnish Parliament's IT system in recent months in an incident that allowed them to access to some emails belonging to members of Parliament, the Finnish Central Criminal Police announced Monday. The perpetrators "have been able to obtain information either to benefit a foreign state or to harm Finland" in an apparent espionage operation, the chief inspector at the National Bureau of Investigation, Tero Muurman, said in a statement. Police did not identify any suspects. READ MORE...


Kawasaki Says Data Possibly Stolen in Security Breach

Kawasaki Heavy Industries on Monday revealed that information from its overseas offices might have been stolen following a security breach that occurred earlier this year. Based in Japan, Kawasaki Heavy Industries is a multinational corporation best known for the manufacturing of motorcycles, heavy equipment, engines, ships, rolling stock, and aerospace and defense equipment. On June 11, 2020, the company discovered that unknown actors breached its network. READ MORE...

Hacking

US Treasury warns of ransomware targeting COVID-19 vaccine research

The US Treasury Department's Financial Crimes Enforcement Network (FinCEN) warned financial institutions of ransomware actively targeting vaccine research organizations. "FinCEN is aware of ransomware directly targeting vaccine research, and FinCEN asks financial institutions to stay alert to ransomware targeting vaccine delivery operations as well as the supply chains required to manufacture the vaccines," the US Treasury Department bureau warned [PDF]. READ MORE...


Aida Cruises cancels trips due to mysterious "IT restrictions"

German cruise line AIDA Cruises is dealing with mysterious "IT restrictions" that have led to the cancellation of New Year's Eve cruises embarking this past weekend. Aida Cruises is a subsidiary of multinational cruise giant Carnival Corporation and predominantly caters to German-speaking passengers. In an email seen by BleepingComputer, Aida told passengers for the AIDAperla cruise ship that their trip was canceled due to IT restrictions affecting the companies' phone systems and email. READ MORE...


UK arrests suspects tied to WeLeakInfo, a site shuttered for selling breached personal data

It's been almost a year since an international sting took down WeLeakInfo, a site that marketed stolen personal data, but its alleged customers are still drawing the attention of law enforcement. The U.K.'s National Crime Agency says that 21 people have been arrested across the country recently for using data purchased on WeLeakInfo for criminal activity, including hacking and fraud. "Of those 21 arrested - all men aged between 18-38 - nine were detained on suspicion of Computer Misuse Act offences. READ MORE...

Malware

New Zero-Day, Malware Indicate Second Group May Have Targeted SolarWinds

A piece of malware named by researchers Supernova and a zero-day vulnerability exploited to deliver this malware indicate that SolarWinds may have been targeted by a second, unrelated threat actor. When FireEye disclosed details of the attack on SolarWinds in early December, in addition to the Sunburst backdoor, it mentioned a piece of malware named Supernova. However, further analysis has led researchers to believe that Supernova is not related to Sunburst. READ MORE...

Exploits/Vulnerabilities

Transitioning from vulnerability management to vulnerability remediation

If you think you've heard this one before, to quote Bachman-Turner Overdrive, "you ain't heard nothing yet." As companies move full speed ahead on cloud migration, we'll start to understand how little we really know about securing complex cloud deployments. From network configurations to user authorization, each cloud security control has its own best practice (or set of them). And just as in "olden times," mistakes, errors, and technology flaws can introduce vulnerabilities into the environment. READ MORE...

Encryption

Home appliance giant Whirlpool hit in Nefilim ransomware attack

Home appliances giant Whirlpool suffered a ransomware attack by the Nefilim ransomware gang who stole data before encrypting devices. Whirlpool is one of the world's largest home application makers with appliances under its name and KitchenAid, Maytag, Brastemp, Consul, Hotpoint, Indesit, and Bauknecht. Whirlpool employs 77,000 people at 59 manufacturing & technology research centers worldwide and generated approximately $20 billion in revenue for 2019. READ MORE...

On This Date

  • ...in 1800, chemist and engineer Charles Goodyear, inventor of vulcanized rubber and tire company namesake, is born in New Haven, CT.
  • ...in 1916, James Joyce's first novel "A Portrait of the Artist as a Young Man" is published in a collected edition.
  • ...in 1929, Blues Hall of Fame guitarist Matt "Guitar" Murphy, who played with Howlin' Wolf and Memphis Slim as well as the Blues Brothers, is born in Sunflower, MS.
  • ...in 1967, the memorable classic "Star Trek" episode "The Trouble with Tribbles" first airs on NBC.