
IT Security Newsletter - 2/23/2023


Breaches

US Military Emails Exposed via Cloud Account

A US Department of Defense email server hosted on Microsoft Azure's government cloud service reportedly was found wide open to the public Internet for a period of about two weeks before it was properly secured. According to a report on TechCrunch, a security researcher spotted the email server containing internal US military messages, some with sensitive personal information, including an SF-86 questionnaire that federal workers fill out as part of their security clearance process. READ MORE...

Hacking

Russia's information war against Ukraine went stealth after Meta crackdown

Initially one of the most prolific purveyors of information operations on Facebook, Russian operatives have during the course of the war in Ukraine found themselves taking a "smash-and-grab" approach to gain influence online, substituting quality with quantity. The new assessment of Russian influence operations comes from data that Meta, Facebook's parent company, released Thursday just as the war in Ukraine nears its one-year anniversary. READ MORE...


Datacenters in China, Singapore cracked by crims who then targeted tenants

Criminals have targeted datacenter operators in Singapore and China, tapping into their CCTV cameras, accessing their tenant lists and then attacking those customers. That's the scary scenario outlined by infosec vendor Resecurity, which has detailed malicious campaigns said to have started in 2021 but became apparent earlier this month when info dumps were teased on the notorious Breached.to forums. READ MORE...

Software Updates

Cisco Patches High-Severity Vulnerabilities in ACI Components

Cisco on Wednesday informed customers about the availability of patches for two high-severity vulnerabilities affecting components of its Application Centric Infrastructure (ACI) software-defined networking solution. One of these flaws, CVE-2023-20011, impacts the management interface of the Cisco Application Policy Infrastructure Controller (APIC) and Cloud Network Controller. APIC is the unified point of automation and management for ACI. READ MORE...

Malware

Hackers use fake ChatGPT apps to push Windows, Android malware

Threat actors are exploiting the popularity of OpenAI's ChatGPT chatbot to distribute malware for Windows and Android, or direct unsuspecting victims to phishing pages. ChatGPT has gained immense traction since its launch in November 2022, becoming the most rapidly growing consumer application in modern history with more than 100 million users by January 2023. READ MORE...


Russian Accused of Developing NLBrute Malware Extradited to US

A Russian national accused of developing a piece of malware named NLBrute has been extradited to the United States from the Eastern European country of Georgia. The suspect, Dariy Pankov, aka dpxaker, was extradited from Georgia in October 2022 and he appeared before a US judge this week. It's unclear for how long he had been in Georgia before being detained, but more than 100,000 Russians reportedly fled to the neighboring country last year. READ MORE...

Exploits/Vulnerabilities

Hackers now exploit critical Fortinet bug to backdoor servers

Threat actors are targeting Internet-exposed Fortinet appliances with exploits targeting CVE-2022-39952, an unauthenticated file path manipulation vulnerability in the FortiNAC webserver that can be abused for remote command execution. These attacks come one day after Horizon3 security researchers released proof-of-concept exploit code for the critical-severity flaw that will add a cron job to initiate a reverse shell on compromised systems as the root user. READ MORE...


Researchers find hidden vulnerabilities in hundreds of Docker containers

Rezilion uncovered the presence of hundreds of Docker container images containing vulnerabilities that are not detected by most standard vulnerability scanners and SCA tools. The research revealed numerous high-severity/critical vulnerabilities hidden in hundreds of popular container images, downloaded billions of times collectively. This includes high-profile vulnerabilities with publicly known exploits. READ MORE...

On This Date

  • ...in 1861, President-elect Abraham Lincoln arrives in Washington amid secrecy and tight security, following a thwarted assassination attempt in Baltimore.
  • ...in 1893, Rudolf Diesel receives a German patent for his compression-ignition engine, known today as the diesel engine.
  • ...in 1945, AP photographer Joe Rosenthal takes a Pulitzer-winning shot of six US Marines raising the US flag atop Mt. Suribachi in the Battle of Iwo Jima.
  • ...in 1954, a group of children in Pittsburgh, PA are the first to receive the new polio vaccine, developed by Dr. Jonas Salk of the University of Cincinnati.