IT Security Newsletter - 12/6/2022

Written by Cadre | Tue, Dec 6, 2022

Microsoft warns of Russian cyberattacks throughout the winter

Microsoft has warned of Russian-sponsored cyberattacks continuing to target Ukrainian infrastructure and NATO allies in Europe throughout the winter. Redmond said in a report published over the weekend that it observed a pattern of targeted attacks on infrastructure in Ukraine by the Russian military intelligence threat group Sandworm in association with missile strikes. The attacks have been accompanied by a propaganda campaign to undermine Western support (from the U.S., EU, and NATO) for Ukraine.

DHS secretary says US faces 'a new kind of warfare'

Secretary of Homeland Security Alejandro Mayorkas said national security and homeland security are now more interconnected than ever before, largely driven by the fact that U.S. adversaries can execute attacks "with a keystroke." In a speech Monday, Mayorkas said that global interconnectedness and the willingness of nations to unleash digital attacks that have international ramifications have brought the national security threat "directly to our communities."

Amnesty International Canada Says It Was Hacked by Beijing

The Canadian branch of Amnesty International said Monday it was the target of a cyberattack sponsored by China. The human rights organization said it first detected the breach Oct. 5 and hired forensic investigators and cybersecurity experts to investigate. Ketty Nivyabandi, Secretary General of Amnesty International Canada, said the searches in their systems were specifically and solely related to China and Hong Kong, as well as a few prominent Chinese activists.

Hackers hijack Linux devices using PRoot isolated filesystems

Hackers are abusing the open-source Linux PRoot utility in BYOF (Bring Your Own Filesystem) attacks to provide a consistent repository of malicious tools that work on many Linux distributions. A Bring Your Own Filesystem attack is when threat actors create a malicious filesystem on their own devices that contains a standard set of tools used to conduct attacks. This filesystem is then downloaded and mounted on compromised machines, providing a preconfigured toolkit.

Netgear Neutralizes Pwn2Own Exploits With Last-Minute Nighthawk Router Patches

Last week, Netgear released hotfixes for a network misconfiguration in Nighthawk RAX30 (AX2400) routers that could allow a remote attacker to gain unrestricted access to services otherwise intended for the local network. The bug existed because the WAN interface of these devices had IPv6 enabled by default, but the access restrictions applied to IPv4 traffic were not applied to IPv6 traffic.

Wiper, Disguised as Fake Ransomware, Targets Russian Orgs

Companies infected with purported ransomware may no longer have an option to pay a ransom. A new malicious program acts exactly like crypto-ransomware - overwriting and renaming files, then dropping a text file with a ransom note and a Bitcoin address for payment - but the program instead deletes the contents of a victim's files. The program, CryWiper, currently targets Russian organizations but could easily be used against companies and organizations in other nations.

OpenAI's new ChatGPT bot: 10 dangerous things it's capable of

OpenAI's newly unveiled ChatGPT bot is making waves when it comes to all the amazing things it can do, from writing music to coding to generating vulnerability exploits, and whatnot. As the erudite machinery turns into a viral sensation, humans have started to discover some of the AI's biases, like the desire to wipe out humanity. As more and more netizens play with ChatGPT's preview, some of the cracks in the AI's thinking are coming to the surface as its creators rush to mend them in real time.

Tractors vs. threat actors: How to hack a farm

While I was in the UK police force and part of the National Cyber Crime Unit in 2018, I was asked to give a talk on cybersecurity at a National Farmers' Union (NFU) meeting in southern England. Right after I started my talk, one farmer immediately raised his hand and told me that his cows had recently "been hacked". Baffled and amused, I was instantly hooked and wanted to know more about his story.

Hacking cars remotely with just their VIN

Your car's mobile app might have allowed hackers to remotely unlock your vehicle, turn on or off its engine, and even honk its horn. Those are the findings of Sam Curry, a security researcher and bug bounty hunter, who explored vulnerabilities that could affect Hyundai, Genesis, Nissan, Infiniti, Honda, and Acura vehicles, amongst others. Curry and his colleagues first turned their attention to the official mobile apps used by owners of Hyundai and Genesis vehicles.

Google Chrome zero-day exploited in the wild (CVE-2022-4262)

Google has patched CVE-2022-4262, a type confusion vulnerability in the V8 JavaScript engine used by Google Chrome (and Chromium), which is being exploited by attackers in the wild. No other technical details have been shared about this zero-day flaw, only that it was reported by security engineer Clement Lecigne of Google's Threat Analysis Group (TAG), whose goal is to protect users from state-sponsored attacks and other advanced persistent threats.

  • ...in 1884, the Washington Monument is completed in Washington, D.C.
  • ...in 1865, the Thirteenth Amendment to the U.S. Constitution is ratified, abolishing slavery and involuntary servitude, except as punishment for a crime.
  • ...in 1920, jazz pianist and composer Dave Brubeck ("Take Five") is born in Concord, CA.
  • ...in 1955, deadpan comedian and writer Steven Wright (Who said: "It's a small world, but I wouldn't want to paint it.") is born in Cambridge, MA.