IT Security Newsletter - 2/17/2023
FBI is investigating a cybersecurity incident on its network
The U.S. Federal Bureau of Investigation (FBI) is reportedly investigating malicious cyber activity on the agency's network. The federal law enforcement agency says it already contained the "isolated incident" and is working to uncover its scope and overall impact. "The FBI is aware of the incident and is working to gain additional information," the U.S. domestic intelligence and security service told BleepingComputer.
After apparent hack, data from Australian tech giant Atlassian dumped online
A little-known hacking crew called SiegedSec posted data on what appears to be thousands of Atlassian employees and floor plans for two of the Australian software vendor's offices. The employee file posted online Wednesday contains more than 13,200 entries, and a cursory review of the file appears to show multiple current employees' data, including names, email addresses, work departments and other information.
Scandinavian Airlines website hit by cyber attack, customer details exposed
A group calling itself "Anonymous Sudan" has claimed responsibility for a cyber attack which knocked the website of Scandinavian Airlines (SAS) offline earlier this week, and left customer data exposed. In a statement published on its corporate website, the airline explained that it and "several other companies" had been targeted in an attack that left its website and smartphone app down for some hours.
Fortinet fixes critical RCE flaws in FortiNAC and FortiWeb
Cybersecurity solutions company Fortinet has released security updates for its FortiNAC and FortiWeb products, addressing two critical-severity vulnerabilities that may allow unauthenticated attackers to perform arbitrary code or command execution. The first flaw, impacting FortiNAC, is tracked as CVE-2022-39952 and has a CVSS v3 score of 9.8 (critical).
New Mirai malware variant infects Linux devices to build DDoS botnet
A new Mirai botnet variant tracked as 'V3G4' targets 13 vulnerabilities in Linux-based servers and IoT devices to use in DDoS (distributed denial of service) attacks. The malware spreads by brute-forcing weak or default telnet/SSH credentials and exploiting hardcoded flaws to perform remote code execution on the target devices. Once a device is breached, the malware infects the device and recruits it into its botnet swarm.
Norway finds a way to recover crypto North Korea pinched in Axie heist
Norwegian authorities announced on Thursday that they had recovered $5.9 million of cryptocurrency stolen in the Axie Infinity hack - an incident widely held to have been perpetrated by the Lazarus Group, which has links to North Korea. The Norwegian National Authority for Investigation and Prosecution of Economic and Environmental Crime (Økokrim) has called the seizure among the largest ever money seizures - and the largest-ever related to crypto - made by Norway.
Researchers unearth Windows backdoor that's unusually stealthy
Researchers have discovered a clever piece of malware that stealthily exfiltrates data and executes malicious code from Windows systems by abusing a feature in Microsoft Internet Information Services (IIS). IIS is a general-purpose web server that runs on Windows devices. As a web server, it accepts requests from remote clients and returns the appropriate response. In July 2021, network intelligence company Netcraft said there were 51.6 million instances of IIS spread across 13.5 million unique domains.
Arris router vulnerability could lead to complete takeover
Security researcher Yerodin Richards has found an authenticated remote code execution (RCE) vulnerability in Arris routers. This is the type of router that ISPs typically provide on loan for customers' telephony and internet access. After responsible disclosure, Richards has published a Proof-of-Concept (PoC) that demonstrates how he, ironically, used the verification against itself.
- ...in 1801, the House of Representatives breaks an electoral college tie and chooses Thomas Jefferson over Aaron Burr for President.
- ...in 1913, the Armory Show opens in New York City, introducing art aficionados to the European avant-garde and inspiring a generation of American artists.
- ...in 1920, comic book artist Curt Swan, whose art appeared in Superman comics for over 30 years, is born in Minnesota.
- ...in 1936, former Cleveland Browns fullback and action film star Jim Brown ("The Dirty Dozen", "Ice Station Zebra") is born in St. Simons, GA.