IT Security Newsletter - 3/10/2025

Breaches

560,000 People Impacted Across Four Healthcare Data Breaches

More than 560,000 people were impacted across four data breaches disclosed last week to authorities by the healthcare organizations Hillcrest Convalescent Center, Gastroenterology Associates of Central Florida, Community Care Alliance, and Sunflower Medical Group. The biggest of the breaches in terms of the number of impacted individuals was disclosed by Kansas-based healthcare services provider Sunflower Medical Group. READ MORE...


Feds Link $150M Cyberheist to 2022 LastPass Hacks

In September 2023, KrebsOnSecurity published findings from security researchers who concluded that a series of six-figure cyberheists across dozens of victims resulted from thieves cracking master passwords stolen from the password manager service LastPass in 2022. In a court filing this week, U.S. federal agents investigating a spectacular $150 million cryptocurrency heist said they had reached the same conclusion. READ MORE...

Software Updates

March 2025 Patch Tuesday forecast: A return to normalcy

The February Patch Tuesday updates and activity during the month marked a return to normalcy for patch management. Following the January updates addressing 100+ vulnerabilities, we saw 37 CVEs fixed in Windows 11 and 33 CVEs in Windows 10. This was rounded out by 8 CVEs addressed in the Office 365 online versions and Office 2016 in standalone form. Microsoft made a few announcements and fixes in the last month you should be aware of. READ MORE...

Malware

Nearly 1 million Windows devices targeted in advanced "malvertising" spree

Nearly 1 million Windows devices were targeted in recent months by a sophisticated "malvertising" campaign that surreptitiously stole login credentials, cryptocurrency, and other sensitive information from infected machines, Microsoft said. The campaign began in December, when the attackers, who remain unknown, seeded websites with links that downloaded ads from malicious servers. The links led targeted machines through several intermediary sites until finally arriving at repositories on GitHub. READ MORE...


Cobalt Strike takedown effort cuts cracked versions by 80%

Fortra's Cobalt Strike has been a widely used weapon for a variety of cybercriminals and nation-state threat actors, who frequently use cracked copies of the red teaming tool to establish command-and-control communications and persistent access inside victim environments. Fortra, Microsoft's Digital Crimes Unit (DCU) and Health Information Sharing and Analysis Center (Health-ISAC) formed a partnership two years ago to reduce malicious activity stemming from Cobalt Strike. READ MORE...

Information Security

Consumer Reports calls out slapdash AI voice-cloning safeguards

Four out of six companies offering AI voice cloning software fail to provide meaningful safeguards against the misuse of their products, according to research conducted by Consumer Reports. The nonprofit publication evaluated the AI voice cloning services from six companies: Descript, ElevenLabs, Lovo, PlayHT, Resemble AI, and Speechify. It found ElevenLabs, Speechify, PlayHT, and Lovo "required only that researchers check a box confirming that they had the legal right to clone the voice." READ MORE...


Undocumented commands found in Bluetooth chip used by a billion devices

The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains undocumented commands that could be leveraged for attacks. The undocumented commands allow spoofing of trusted devices, unauthorized data access, pivoting to other devices on the network, and potentially establishing long-term persistence. This was discovered by Spanish researchers Miguel Tarascó Acuña and Antonio Vázquez Blanco of Tarlogic Security. READ MORE...


Russian crypto exchange Garantex seized in international law enforcement operation

U.S. and European law enforcement agencies have seized the infrastructure of Garantex, a cryptocurrency exchange accused of laundering billions in criminal proceeds, in a sweeping international operation that signals heightened focus on illicit financial flows in cryptocurrency markets. According to Justice Department documents unsealed Friday, the Moscow-based exchange processed approximately $96 billion in cryptocurrency transactions since its founding in April 2019. READ MORE...

Exploits/Vulnerabilities

Mass Exploitation of Critical PHP Vulnerability Begins

Threat actors have started exploiting en masse a critical vulnerability in PHP that could allow remote code execution on vulnerable servers, threat intelligence firm GreyNoise warns. The flaw, tracked as CVE-2024-4577 (CVSS score of 9.8), can be exploited on Windows servers that are using Apache and PHP-CGI, if they are set to use certain code pages, to inject arguments remotely and execute arbitrary code. READ MORE...


Unpatched Edimax IP camera flaw actively exploited in botnet attacks

A critical command injection vulnerability impacting the Edimax IC-7100 IP camera is currently being exploited by botnet malware to compromise devices. The flaw was discovered by Akamai researchers, who confirmed to BleepingComputer that the flaw is exploited in attacks that are still ongoing. Akamai researcher Kyle Lefton told BleepingComputer that they will provide more technical details about the flaw and the associated botnet next week. READ MORE...

On This Date

  • ...in 1876, the first discernible speech is transmitted over a telephone system by inventor Alexander Graham Bell.
  • ...in 1971, actor Jon Hamm ("Mad Men", "Unbreakable Kimmy Schmidt") is born in St. Louis, MO.
  • ...in 1977, astronomers James Elliot, Edward Dunham, and Jessica Mink definitively confirm that the planet Uranus has rings.
  • ...in 2000, the NASDAQ Composite index peaks at 5,048.62, marking the beginning of the end for the early online boom known as the "Dot-com bubble."