IT Security Newsletter - 2/19/2020
Latest Tax Scams Target Apps and Tax-Prep Websites
This tax season crooks are targeting users with a new crop of scams that include leveraging remote desktop software and compromising small tax-prep company websites. "If you have the word 'tax' in your domain name, you're a target this year," warns Sherrod DeGrippo, senior director of threat research and detection at Proofpoint in a report released Wednesday. READ MORE...
US natural gas operator shuts down for 2 days after being infected by ransomware
A US-based natural gas facility shut down operations for two days after sustaining a ransomware infection that prevented personnel from receiving crucial real-time operational data from control and communication equipment, the Department of Homeland Security said on Tuesday. Tuesday's advisory from the DHS' Cybersecurity and Infrastructure Security Agency, or CISA, didn't identify the site except to say that it was a natural gas-compression facility. READ MORE...
Encoding Stolen Credit Card Data on Barcodes
Crooks are constantly dreaming up new ways to use and conceal stolen credit card data. According to the U.S. Secret Service, the latest scheme involves stolen card information embedded in barcodes affixed to phony money network rewards cards. The scammers then pay for merchandise by instructing a cashier to scan the barcode and enter the expiration date and card security code. READ MORE...
8.4 million: Number of DDoS attacks researchers saw last year alone
Netscout released the findings of its Threat Intelligence Report for the second half of 2019, which also incorporates insights from its 15th Annual Worldwide Infrastructure Security Report (WISR) survey. The report underscores the proliferation of risks faced by global enterprises and service providers. These organizations must now not only defend IT infrastructures, but also manage risks caused by increased DDoS attacks on customer-facing services and applications. READ MORE...
Ring Mandates 2FA After Rash of Hacks
Connected doorbell-maker Ring is now requiring two-factor authentication (2FA) for all users when they sign into their accounts. The new requirement comes after Ring faced a backlash in December following a rash of disturbing hacks and security issues tied to the smart doorbell. While Amazon-owned Ring offered 2FA as an option to customers before, now the second layer of verification will be mandatory to all users. READ MORE...
Dharma Ransomware Attacks Italy in New Spam Campaign
Threat actors are distributing the Dharma Ransomware in a new spam campaign targeting Windows users in Italy. The Dharma Ransomware has been active for many years and is based on another ransomware family called Crysis. It is not common, though, to see this ransomware family distributed through malspam as it is more commonly installed via hacked remote desktop services. READ MORE...
Serious Vulnerabilities Expose SonicWall SMA Appliances to Remote Attacks
Several serious vulnerabilities have been found by a researcher in Secure Mobile Access (SMA) and Secure Remote Access (SRA) appliances made by SonicWall. The vendor has released software updates that patch the flaws. Researchers last year discovered that enterprise VPN products from Pulse Secure, Fortinet and Palo Alto Networks are affected by severe vulnerabilities that can be exploited remotely without authentication. READ MORE...
A third of all vulnerabilities in 2019 had a CVSS v2 score of 7.0 and above
Risk Based Security's VulnDB team aggregated 22,316 newly-disclosed vulnerabilities during 2019, finding that 37.26% had available exploit code or a Proof of Concept and that 33.43% of all vulnerabilities in 2019 had a CVSS v2 score of 7.0 and above. Risk Based Security also identified a total of 302 vulnerabilities impacting Electronic Voting Machines (EVMs), 289 of which have no known solution. READ MORE...