
IT Security Newsletter - 2/10/2023

Top News

Reddit breached: Internal docs, dashboards, systems accessed

Popular social news website and forum Reddit has been breached (again) and the attacker "gained access to some internal docs, code, as well as some internal dashboards and business systems," but apparently not to primary production systems and user data. The investigation is still ongoing and some details are yet to be confirmed, but the breach started as most corporate breaches do these days: with a successful phishing attack. READ MORE...


North Korean ransomware attacks on healthcare fund govt operations

A new cybersecurity advisory from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) describes recently observed tactics, techniques, and procedures (TTPs) associated with North Korean ransomware operations against public health and other critical infrastructure sectors. The document is a joint report from the NSA, FBI, CISA, U.S. HHS, and Korean agencies, and notes that the funds extorted this way went to support the North Korean government's priorities and objectives. READ MORE...

Breaches

Mysterious leak of Booking[.]com reservation data is being used to scam customers

For almost five years, Booking[.]com customers have been on the receiving end of a continuous series of scams that clearly demonstrate that criminals have obtained travel plans and other personal information customers provided to the travel site. One of the more recent shakedowns happened to an Ars reader who asked not to be identified by his real name. READ MORE...


Weee! grocery service confirms data breach, 1.1 million affected

The Weee! Asian and Hispanic food delivery service suffered a data breach exposing the personal information of 1.1 million customers. Weee! claims to be the largest Asian and Hispanic grocery store in North America, delivering food across 48 states in the USA via warehouses spread throughout the country. On Monday, a threat actor named 'IntelBroker' began leaking the data for Weee! on the Breached hacking and data breach forum. READ MORE...


Largest Canadian bookstore Indigo shuts down site after cyberattack

Indigo Books & Music, the largest bookstore chain in Canada, was struck by a cyberattack yesterday, causing the company to make the website unavailable to customers and to only accept cash payments. The exact nature of the incident remains unclear but Indigo is not ruling out that hackers may have stolen customer data. On Wednesday, Indigo announced that "technical issues" were preventing access to the website and customers at physical stores could pay only by cash. READ MORE...

Hacking

Bungling Optus scammer was no criminal mastermind

Dennis Su isn't the person who hacked Australian telecoms giant Optus last September, in one of the biggest data breaches in the country's history. But he did attempt to exploit the hack, which exposed the personal details of as many as 10 million Optus customer accounts, to his own benefit. Su sent SMS text messages to 92 Optus customers telling them that their personal details would be sold to fraudsters within days unless AU $2,000 (approximately US $1,400) was transferred into a bank account. READ MORE...


Valve waited 15 months to patch high-severity flaw. A hacker pounced

Researchers have unearthed four game modes that could successfully exploit a critical vulnerability that remained unpatched in the popular Dota 2 video game for 15 months after a fix had become available. The vulnerability, tracked as CVE-2021-38003, resided in the open source JavaScript engine from Google known as V8, which is incorporated into Dota 2. READ MORE...


Phishing Surges Ahead, as ChatGPT & AI Loom

Phishing is having a moment, with a massive spike in campaign volumes in the latter half of 2022. In fact, total phishing emails increased by 61% in the second half, according to an analysis this week. That could also be set to accelerate, as ChatGPT and other new tools are making their mark on the sector too. That's according to the "Q4 2022 Phishing and Malware Report" from email security firm Vade, published Feb. 9. READ MORE...

Malware

Hackers are selling a service that bypasses ChatGPT restrictions on malware

Hackers have devised a way to bypass ChatGPT's restrictions and are using it to sell services that allow people to create malware and phishing emails, researchers said on Wednesday. ChatGPT is a chatbot that uses artificial intelligence to answer questions and perform tasks in a way that mimics human output. People can use it to create documents, write basic computer code, and do other things. READ MORE...

Information Security

Tor Network Under DDoS Pressure for 7 Months

For the past seven months, the Tor anonymity network has been hit with numerous distributed denial-of-service (DDoS) attacks, its maintainers announced this week. Some of the attacks have been severe enough to prevent users from loading pages or accessing onion services, the Tor Project says. Publicly released in 2003, Tor directs traffic through a global network of more than 7,000 relays, to help users maintain anonymity and protect their privacy while navigating the web. READ MORE...


U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating "Trickbot," a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. The U.S. Department of the Treasury says the Trickbot group is associated with Russian intelligence services, and that this alliance led to the targeting of many U.S. companies and government entities. READ MORE...

Exploits/Vulnerabilities

Vulnerability Allows Hackers to Remotely Tamper With Dahua Security Cameras

Researchers have discovered a vulnerability that can be exploited by remote hackers to tamper with the timestamp of videos recorded by Dahua security cameras. The flaw, tracked as CVE-2022-30564, was discovered last year by India-based CCTV and IoT cybersecurity company Redinent Innovations. Advisories describing the vulnerability were published on Wednesday by both Dahua and Redinent. READ MORE...

On This Date

  • ...in 1893, musician and comedian Jimmy Durante, known for his gravelly voice and distinctive "Schnozzola", is born in Manhattan, NY. Ha-cha-cha-cha!
  • ...in 1929, film and television composer Jerry Goldsmith ("Star Trek: The Motion Picture", "Patton", "Planet of the Apes") is born in Los Angeles, CA.
  • ...in 1942, RCA Victor awards bandleader Glenn Miller the first gold record, for his orchestra's recording of "Chattanooga Choo Choo".
  • ...in 1996, IBM supercomputer Deep Blue beats chess grandmaster Garry Kasparov, becoming the first AI to best a human world champion.