IT Security Newsletter - 2/27/2023
Stanford University discloses data breach affecting PhD applicants
Stanford University disclosed a data breach after files containing Economics Ph.D. program admission information were downloaded from its website between December 2022 and January 2023. Last week, the university sent data breach notification letters to 897 individuals who submitted personal and health information as part of the graduate application to its Department of Economics, informing them that their info was accessed without authorization.
Los Angeles school district confirms sensitive student data leaked
Highly sensitive health records, including psychological evaluations, of about 2,000 students were leaked as a result of the ransomware attack that hit the Los Angeles Unified School District last year. The nation's second-largest school system confirmed the potentially damaging and personal information of students was included in a massive data leak after The 74, a nonprofit news organization, published a report detailing the trove of mental health records exposed as part of the attack.
Canadian Telecom Firm Telus Reportedly Investigating Breach
Telus, one of Canada's largest telecommunications providers, is reportedly investigating a potentially major breach of its systems after a threat actor posted samples online of what the person claimed was sensitive data from the company. The leaked data included what the adversary alleged was a sample of employee payroll records, source code from the telecom firm's private GitHub repositories, and other information.
"Ethical hacker" amongst those arrested in Dutch ransomware investigation
Three men have been arrested by Dutch police in connection with ransomware attacks that blackmailed thousands of companies. The men, who are aged between 18 and 21, are said to have made millions of dollars - typically demanding ransoms of 100,000 Euros, but sometimes reaching a peak of more than 700,000 Euros. A 21-year-old man from Zandvoort, described by police as the "prime suspect", is said to have made over €2.5 million (US $2.65 million) during the course of his criminal career.
'PureCrypter' Downloader Used to Deliver Malware to Governments
A threat actor is using the PureCrypter downloader to deliver different types of malware to government entities in the Asia-Pacific and North America regions, Menlo Labs warns. As part of the observed attacks, Discord is used for distribution purposes, while the domain of a compromised non-profit organization serves as a command-and-control (C&C) server, hosting a secondary payload.
A year after Russia's invasion, the scope of cyberwar in Ukraine comes into focus
Twenty-four hours before the Russian invasion of Ukraine on Feb. 24, 2022, a group of cybersecurity researchers from the firm SentinelLabs sat together on the floor of a Miami hotel where they had gathered for a company meeting. With laptops open, they pored over a new malware sample - one that offered a preview, as it turned out, of a Russian cyber offensive to come.
When Low-Tech Hacks Cause High-Impact Breaches
Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites. Media coverage understandably focused on GoDaddy's admission that it suffered three different cyberattacks over as many years at the hands of the same hacking group.
For GoDaddy customers, a long dwell time means all could be victims
For GoDaddy, past breaches went from bad to worse. Source code was stolen. Malware was installed on servers running the web hosting control panel customers use to manage their sites and shared servers. Customer websites were randomly redirected to malicious sites. GoDaddy hasn't revealed the potential impact of a multiyear intrusion of its systems the company disclosed last week, but there's a poor prognosis for the web hosting giant and its customers.
'New Class of Bugs' in Apple Devices Opens the Door to Complete Takeover
A new class of bugs in Apple's iOS, iPadOS, and macOS has been uncovered, researchers say, that could allow an attacker to escalate privileges and make off with everything on a targeted device. This new class could "allow bypassing code signing to execute arbitrary code in the context of several platform applications," Trellix researcher Austin Emmitt wrote in a blog post on Feb. 21, "leading to escalation of privileges and sandbox escape on both macOS and iOS."
- ...in 1860, a campaigning Abraham Lincoln visits the studio of Mathew Brady, sitting for a portrait that would go on to become the first-ever photograph of a U.S. President.
- ...in 1902, author John Steinbeck ("Of Mice and Men", "The Grapes of Wrath") is born in Salinas, CA.
- ...in 1942, the U.S. Navy's first aircraft carrier, the USS Langley, is sunk by Imperial Japanese Navy Air Service forces near Java in the South Pacific.
- ...in 2015, "Star Trek" actor Leonard Nimoy dies at the age of 83 in Los Angeles, CA. He lived long and prospered...