IT Security Newsletter

IT Security Newsletter - 2/7/2023

Written by Cadre | Tue, Feb 7, 2023

Hackers are mass infecting servers worldwide by exploiting a patched hole

An explosion of cyberattacks is infecting servers around the world with crippling ransomware by exploiting a vulnerability that was patched two years ago, it was widely reported on Monday. The hacks exploit a flaw in ESXi, a hypervisor VMware sells to cloud hosts and other large-scale enterprises to consolidate their hardware resources. ESXi is what's known as a bare-metal, or Type 1, hypervisor, meaning it's essentially its own operating system that runs directly on server hardware.

Embarrassment as US cyber ambassador's Twitter account is hacked

A top US cyber diplomat said his Twitter account was compromised over the weekend. Nate Fick, the inaugural US ambassador at large for Cyberspace and Digital Policy, on Saturday announced the hack of his personal account (not the government agency one) with - of course - a tweet. "Perils of the job," he added, suggesting that his sense of irony remains intact. Assuming that was an authorized tweet, of course.

How Cybercriminals Are Operationalizing Money Laundering and What to Do About It

It's almost impossible to pinpoint the amount of money that's laundered globally, but conservative estimates put it at anywhere from $800 million to $2 trillion, according to the United Nations Office on Drugs and Crime - and that's likely just the tip of the iceberg. It's a crime that, in turn, fuels some of the world's most heinous criminal activities. The rise of cryptocurrency has also made it easier for criminals to evade detection.

ChatGPT's potential to aid attackers puts IT pros on high alert

51% of IT professionals predict that we are less than a year away from a successful cyberattack being credited to ChatGPT, and 71% believe that foreign states are likely to already be using the technology for malicious purposes against other nations, according to BlackBerry. The survey of 1,500 IT decision makers across North America, the UK, and Australia found that 74% acknowledge ChatGPT's potential threat to cybersecurity and are concerned.

Actively exploited GoAnywhere MFT zero-day gets emergency patch

Fortra has released an emergency patch to address an actively exploited zero-day vulnerability in the GoAnywhere MFT secure file transfer tool. The vulnerability allows attackers to gain remote code execution on vulnerable GoAnywhere MFT instances whose administrative console is exposed online. The company disclosed over the weekend, in an advisory that can only be accessed with a free account, that the flaw is being exploited in attacks, and it has provided indicators of compromise for potentially affected customers.

Clop ransomware flaw allowed Linux victims to recover files for months

The Clop ransomware gang is now also using a malware variant that explicitly targets Linux servers, but a flaw in the encryption scheme has allowed victims to quietly recover their files for free for months. This new Linux version of Clop was spotted in December 2022 by Antonis Terefos, a researcher at SentinelLabs, after the threat group used it together with the Windows variant in an attack against a university in Colombia.

Keeping KillNet at Bay: Use the IP Address Blocklist

SecurityScorecard has pulled together a list of proxy IP addresses used by KillNet to launch distributed denial-of-service (DDoS) attacks against various entities around the world over the past year. KillNet has taken responsibility for DDoS attacks against US-based hospitals and airports, as well as financial and government organizations in Germany. The pro-Russian group is targeting countries supporting Ukraine, especially NATO countries.

Critical Baicells Device Vulnerability Can Expose Telecoms Networks to Snooping

A critical vulnerability affecting wireless communication base stations from Baicells Technologies can be exploited to cause disruption in telecom networks or take complete control of data and voice traffic, according to a researcher. Baicells Technologies is a US-based telecommunications equipment provider for 4G and 5G networks. The company says more than 100,000 of its base stations are deployed across 64 countries around the world.

  • ...in 1940, Walt Disney's second feature-length animated film, Pinocchio, premieres.
  • ...in 1965, comedian Chris Rock ("Saturday Night Live", "Grown Ups") is born in Andrews, SC.
  • ...in 1984, astronauts Bruce McCandless and Robert L. Stewart make the first untethered space walk using the backpack-mounted Manned Maneuvering Unit.
  • ...in 1997, ousted Apple co-founder Steve Jobs' company NeXT merges with Apple, paving the way for the company's future operating systems and Jobs' own return as CEO.