IT Security Newsletter - 3/15/2022

Written by Cadre | Tue, Mar 15, 2022

Thousands of Secret Keys Found in Leaked Samsung Source Code

An analysis of the recently leaked Samsung source code revealed that thousands of secret keys have been exposed, including many that could be highly useful to malicious actors. The analysis was conducted by GitGuardian, a company that specializes in Git security scanning and secrets detection. The firm's researchers looked at the source code leaked recently by a cybercrime group calling itself Lapsus$.

Denial-of-service attack knocked Israeli government sites offline

A distributed denial-of-service attack against an Israeli telecommunication provider took Israeli government sites offline temporarily on Monday, the Israel National Cyber Directorate confirmed in a tweet. The statement said that services were back online, but internet watchdog NetBlocks reported that some government websites remained unavailable outside of the country.

Fake antivirus updates used to deploy Cobalt Strike in Ukraine

Ukraine's Computer Emergency Response Team is warning that threat actors are distributing fake Windows antivirus updates that install Cobalt Strike and other malware. The phishing emails impersonate Ukrainian government agencies offering ways to increase network security and advise recipients to download "critical security updates," which come in the form of a 60 MB file named "BitdefenderWindowsUpdatePackage.exe."

Pandora Ransomware Hits Giant Automotive Supplier Denso

A multibillion supplier to key automotive companies like Toyota, Mercedes-Benz and Ford confirmed Monday that it was the target of a cyberattack over the weekend - confirmation that came after the Pandora ransomware group began leaking data that attackers claimed was stolen in the incident. The attack on Japan-based Denso occurred at a company office in Germany, which was "illegally accessed by a third party on March 10," the company said in a press statement on its website.

CaddyWiper: New wiper malware discovered in Ukraine

ESET researchers have uncovered yet another destructive data wiper that was used in attacks against organizations in Ukraine. Dubbed CaddyWiper by ESET analysts, the malware was first detected at 11.38 a.m. local time (9.38 a.m. UTC) on Monday. The wiper, which destroys user data and partition information from attached drives, was spotted on several dozen systems in a limited number of organizations. It is detected by ESET products as Win32/KillDisk.NCX.

QNAP warns severe Linux bug affects most of its NAS devices

Taiwanese hardware vendor QNAP warns most of its Network Attached Storage (NAS) devices are impacted by a high severity Linux vulnerability dubbed 'Dirty Pipe' that allows attackers with local access to gain root privileges. The 'Dirty Pipe' security bug affects Linux Kernel 5.8 and later versions, even on Android devices. If successfully exploited, it allows non-privileged users to inject and overwrite data in read-only files, including SUID processes that run as root.

Researcher uses 379-year-old algorithm to crack crypto keys found in the wild

Cryptographic keys generated with older software now owned by technology company Rambus are weak enough to be broken instantly using commodity hardware, a researcher reported on Monday. This revelation is part of an investigation that also uncovered a handful of weak keys in the wild. The software comes from a basic version of the SafeZone Crypto Libraries, which were developed by a company called Inside Secure.

  • ...in 1819, French physicist Augustin-Jean Fresnel proves at the Parisian Academie des Sciences that light can behave like a wave.
  • ...in 1912, country-blues singer, songwriter, and guitarist Sam "Lightnin'" Hopkins is born in Centerville, TX.
  • ...in 1978, competitive eating champion and multiple Guinness World Record-holder Takeru Kobayashi is born in Nagano, Japan.
  • ...in 1985, the first Internet top-level domain name, symbolics.com, is registered by computer firm Symbolics, Inc.