IT Security Newsletter - 12/30/2021
T-Mobile says new data breach caused by SIM swap attacks
T-Mobile confirmed that recent reports of a new data breach are linked to notifications sent to a "very small number of customers" who fell victim to SIM swap attacks. "We informed a very small number of customers that the SIM card assigned to a mobile number on their account may have been illegally reassigned or limited account information was viewed," a T-Mobile spokesperson told BleepingComputer.
Chinese hackers use Log4j exploit to go after academic institution
A Chinese hacking group known for industrial espionage and intelligence collection used a vulnerability in Log4j to go after a large academic institution, researchers at CrowdStrike revealed Wednesday. Threat analysts observed the group attempting to install malware after gaining access using a modified version of a Log4j exploit for VMware Horizon, a virtual workspace technology. CrowdStrike also observed the Chinese hackers trying to harvest credentials for further exploitation.
Ransomware and terrorism: For security pros the threat is equal
Venafi announced the findings of a global survey of more than 1,500 IT security decision makers that reveals that 60% of security professionals believe ransomware threats should be prioritized at the same level as terrorism. These opinions echo the U.S. Department of Justice, which raised the threat level of ransomware following the Colonial Pipeline attack earlier this year.
Ransomware gang coughs up decryptor after realizing they hit the police
The AvosLocker ransomware operation provided a free decryptor after learning they encrypted a US government agency. Last month, a US police department was breached by AvosLocker, who encrypted devices and stole data during the attack. However, according to a screenshot shared by security researcher pancak3, after learning that the victim was a government agency, they provided a decryptor for free.
Threat Advisory: E-commerce Bots Use Domain Registration Services for Mass Account Fraud
While researching a recent large-scale bot campaign with CQ Prime Threat Research team lead, Dean Lendrum, we found attackers using domain parking and monetization services to register multiple domains, creating a large number of fake eCommerce accounts per domain. Analysis of shopping-bot campaign data uncovered more than 850,000 fake accounts associated with a relatively small number of domains.
Storage Devices of Major Vendors Impacted by Encryption Software Flaws
Storage devices from several major vendors are affected by vulnerabilities discovered by a researcher in third-party encryption software they all use. Earlier this month, SecurityWeek reported that Western Digital had updated its SanDisk SecureAccess product to address vulnerabilities that can be exploited to gain access to user data through brute force and dictionary attacks.
- ...in 1924, astronomer Edwin Hubble formally announces the existence of other galactic systems at a meeting of the American Astronomical Society.
- ...in 1934, actor and dancer Russ Tamblyn ("West Side Story", "Twin Peaks") is born in Los Angeles, CA.
- ...in 1942, musician/actor/producer Mike Nesmith ("The Monkees"), whose work on early music videos directly led to the creation of MTV, is born in Houston, TX.
- ...in 1963, the long-running game show "Let's Make a Deal" hosted by Monty Hall first airs on daytime television.