<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 3/12/2024

SHARE

Breaches

Over 15,000 hacked Roku accounts sold for 50¢ each to buy hardware

Roku has disclosed a data breach impacting over 15,000 customers after hacked accounts were used to make fraudulent purchases of hardware and streaming subscriptions. However, BleepingComputer has learned there is more to this attack, with threat actors selling the stolen accounts for as little as $0.50 per account, allowing purchasers to use stored credit cards to make illegal purchases. READ MORE...


Equilend warns employees their data was stolen by ransomware gang

New York-based securities lending platform EquiLend Holdings confirmed in data breach notification letters sent to employees that their data was stolen in a January ransomware attack. The financial technology company told BleepingComputer on January 24 that it was forced to take some of its systems offline two days earlier, on January 22, to contain a breach. While Equilend didn't immediately disclose the nature of the incident, LockBit ransomware claimed responsibility for the attack. READ MORE...

Hacking

Typosquatting Wave Shows No Signs of Abating

Ever since the Internet became a commercial entity, hackers have been using it to impersonate businesses through a variety of clever means. And one of the most enduring of these exploits is the practice of typosquatting - i.e., using look-alike websites and domain names to lend legitimacy to social engineering efforts. These look-alikes prey on users' inattention to verifying legitimate websites, and sometimes rely on human mistakes, such as entering a typo in a URL, to capture victims. READ MORE...

Software Updates

Exploited Building Access System Vulnerability Patched 5 Years After Disclosure

Vulnerabilities affecting Linear building access control products, including a security flaw that has been exploited in the wild, have been patched nearly five years after their initial disclosure. In May 2019, at SecurityWeek's ICS Cyber Security Conference, Gjoko Krstic, a researcher who at the time worked for industrial cybersecurity firm Applied Risk, disclosed information on more than 100 vulnerabilities found in building management and access control systems from multiple vendors. READ MORE...

Malware

Never-before-seen Linux malware gets installed using 1-day exploits

Researchers have unearthed Linux malware that circulated in the wild for at least two years before being identified as a credential stealer that's installed by the exploitation of recently patched vulnerabilities. The newly identified malware is a Linux variant of NerbianRAT, a remote access Trojan first described in 2022 by researchers at security firm Proofpoint. Last Friday, Checkpoint Research revealed that the Linux version has existed since at least the same year. READ MORE...

Information Security

Data brokers admit they're selling information on precise location, kids, and reproductive healthcare

Information newly made available under California law has shed light on data broker practices, including exactly what categories of information they trade in. Any business that meets the definition of data broker must register with the California Privacy Protection Agency (CPPA) annually. The CPPA defines data brokers as businesses that consumers don't directly interact with, but that buy and sell information about consumers from and to other businesses. READ MORE...


Tax-related scams escalate as filing deadline approaches

As the April 15, 2024 tax filing deadline approaches in the US, some old and some new tax-related scams targeting both taxpayers and tax professionals. With taxpayers rushing to file their personal federal income tax return, scammers are taking advantage of the commotion to trick people into sending them money or hand out sensitive private information. The Internal Revenue Service (IRS) is warning taxpayers about common IRS impersonation scams, but also new ones. READ MORE...

Exploits/Vulnerabilities

Researchers jailbreak AI chatbots with ASCII art

Researchers based in Washington and Chicago have developed ArtPrompt, a new way to circumvent the safety measures built into large language models (LLMs). According to the research paper ArtPrompt: ASCII Art-based Jailbreak Attacks against Aligned LLMs, chatbots such as GPT-3.5, GPT-4, Gemini, Claude, and Llama2 can be induced to respond to queries they are designed to reject using ASCII art prompts generated by their ArtPrompt tool. READ MORE...


Google's Gemini AI Vulnerable to Content Manipulation

For all its guardrails and safety protocols, Google's Gemini large language model (LLM) is as susceptible as its counterparts to attacks that could cause it to generate harmful content, disclose sensitive data, and execute malicious actions. In a new study, researchers at HiddenLayer found they could manipulate Google's AI technology to - among other things - generate election misinformation, explain in detail how to hotwire a car, and cause it to leak system prompts. READ MORE...

On This Date

  • ...in 1912, the Girl Scouts of the USA are formed as the "Girl Guides."
  • ...in 1922, Beat Generation writer Jack Kerouac ("On the Road", "The Dharma Bums") is born in Lowell, MA.
  • ...in 1930, Mahatma Gandhi begins his 200-mile Salt March to protest the British monopoly on salt in India.
  • ...in 1933, Franklin Delano Roosevelt gives his first Presidential address, which was also the first of his radio "fireside chats."