IT Security Newsletter

IT Security Newsletter - 12/29/2021

Written by Cadre | Wed, Dec 29, 2021

Another Remote Code Execution Vulnerability Patched in Log4j

The developers of Log4j have patched another remote code execution vulnerability affecting the widely used logging utility. CVE-2021-44228, also known as Log4Shell, was identified in late November and it has been exploited in many attacks since early December. Since the discovery of this bug, security researchers have been increasingly interested in Log4j, which, unsurprisingly, has led to the discovery of several new vulnerabilities. READ MORE...

LastPass users warned their master passwords are compromised

Many LastPass users report that their master passwords have been compromised after receiving email warnings that someone tried to use them to log into their accounts from unknown locations. The email notifications also mention that the login attempts have been blocked because they were made from unfamiliar locations worldwide. "Someone just used your master password to try to log in to your account from a device or location we didn't recognize," the login alerts warn. READ MORE...

Researchers Dive Into Equation Group Tool 'DoubleFeature'

Security researchers at Check Point are publicly documenting the Equation Group APT's DoubleFeature, a component of the DanderSpritz post-exploitation framework. In a report published this week, the researchers provide a detailed analysis of DoubleFeature, the DanderSpritz component that was designed to generate "a log and report about the types of tools that could be deployed on the target." READ MORE...

The Log4j Flaw Will Take Years to be Fully Addressed

More than 80% of Java packages affected by the vulnerability in the Apache Log4j library cannot be updated directly, and will require coordination between different project teams to address the flaw. Shortly after the first vulnerability in the Apache Log4j library (CVE-2021-44228) was disclosed, Google's Open Source Insights Team surveyed all the Java packages in the Maven Central Repository. READ MORE...

When employees leave, is your data walking out the door?

In the second quarter of 2021, American workers began resigning from their jobs at a historic rate. The "Great Resignation", as it's since been dubbed, has seen the U.S. set monthly records for the number of workers leaving their jobs three times this year. In September alone, 4.4 million workers resigned from their jobs. The same trend is being seen in the U.K., where resignations are at their highest level in 20 years. READ MORE...

RedLine malware shows why passwords shouldn't be saved in browsers

The RedLine information-stealing malware targets popular web browsers such as Chrome, Edge, and Opera, demonstrating why storing your passwords in browsers is a bad idea. This malware is a commodity information-stealer that can be purchased for roughly $200 on cyber-crime forums and be deployed without requiring much knowledge or effort. However, a new report by AhnLab ASEC warns that the convenience of using the auto-login feature on web browsers is becoming a substantial security problem. READ MORE...

Cryptomining Attack Exploits Docker API Misconfiguration Since 2019

Hackers behind a cryptomining campaign have managed to avoid detection since 2019. The attacks exploited misconfigured Docker APIs that allowed them to gain network entry and ultimately set up a backdoor on compromised hosts to mine cryptocurrency, researchers said. The attack technique is script-based and dubbed "Autom", because it exploits the file "autom.sh". Attackers have consistently abused the API misconfiguration during the campaign's active period; however, the evasion tactics have varied. READ MORE...

  • ...in 1800, chemist and engineer Charles Goodyear, inventor of vulcanized rubber and tire company namesake, is born in New Haven, CT.
  • ...in 1916, James Joyce's first novel "A Portrait of the Artist as a Young Man" is published in a collected edition.
  • ...in 1929, Blues Hall of Fame guitarist Matt "Guitar" Murphy, who played with Howlin' Wolf and Memphis Slim as well as the Blues Brothers, is born in Sunflower, MS.
  • ...in 1967, the memorable classic "Star Trek" episode "The Trouble with Tribbles" first airs on NBC.