IT Security Newsletter - 3/16/2020

Breaches

Radio.com users affected in data breach

Entercom, the second-largest radio company in the United States, has announced that it suffered a cybersecurity incident related to its Radio[dot]com domain. The company has found that in August 2019 an intruder accessed the company's backup cloud database that contained sensitive user data, including possibly Social Security Numbers (SSNs) and driver's license numbers. READ MORE...

Hacking

Why the Norsk Hydro attack is a 'blueprint' for disruptive hacking operations

It's been a year since malicious code tore through the computer network of Norwegian aluminum giant Norsk Hydro, forcing the company to shift some of its operations to manual mode and inflicting tens of millions of dollars in damage. The ransomware attack brought a global manufacturing powerhouse to its knees, and with it more questions than answers about the hackers' motivation. READ MORE...


Uzbekistan surveillance campaign leverages new spyware against human rights activists

Human rights activists and journalists in Uzbekistan, whom researchers have long claimed are victims of intrusive surveillance, are facing an increasingly sophisticated campaign, according to new findings from Amnesty International. Last year, a Canadian non-profit, eQualitie, revealed that a group of unidentified attackers has targeted journalists and human rights defenders in Uzbekistan with spearphishing emails since 2016. READ MORE...


Ancient Tortoise BEC Scammers Launch Coronavirus-Themed Attack

A Business Email Compromise (BEC) cybercrime group has started using coronavirus-themed scam emails that take advantage of the COVID-19 global outbreak to convince potential victims to send payments to attacker-controlled accounts. In a report shared with BleepingComputer, Agari Cyber Intelligence Division (ACID) researchers say that they "believe this attack is the first reported example of BEC (business email compromise) actors exploiting the global COVID-19 event." READ MORE...

Software Updates

BleepingComputer: List of Free Software and Services During Coronavirus Outbreak

In response to the Coronavirus (COVID-19) outbreak, many organizations are asking their employees to work remotely. This, though, brings new challenges to the workplace as users adapt to video meetings, screen sharing, and the use of remote collaboration tools. To assist a new wave of remote workers and get some publicity at the same time, many software developers and service providers have started to offer free licenses or enhanced versions of their software and services. READ MORE...

Information Security

COVID-19 and the forced workplace exodus

The coronavirus (COVID-19) outbreak has officially been categorized by the World Health Organization (WHO) as a pandemic, meaning infection is accelerating in multiple countries concurrently. The United States of America has declared travel bans on 28 European countries, many countries have closed schools and universities, and large gatherings of people have been stopped. READ MORE...

Exploits/Vulnerabilities

Flaws in Popup Builder Plugin Impacted Over 100,000 WordPress Sites

More than 100,000 WordPress websites were potentially affected by a series of vulnerabilities recently discovered and addressed in the Popup Builder plugin. Designed to help with the creation and management of promotional modal pop-ups for WordPress blogs and websites, Popup Builder also includes the ability to run custom JavaScript code when the pop-up is loaded. READ MORE...


Many Backdoors Found in Zyxel CloudCNM SecuManager Software

Researchers have discovered 16 types of vulnerabilities, including many backdoors, in Zyxel's CloudCNM SecuManager network management software. The vendor has confirmed the flaws and says it's working on patches. Zyxel CloudCNM SecuManager provides a console that organizations can use to monitor and manage their security gateways, including on internal and global networks. READ MORE...


Slack Bug Allowed Automating Account Takeover Attacks

Slack has fixed a security flaw that allowed hackers to automate the takeover of arbitrary accounts after stealing session cookies using an HTTP Request Smuggling CL.TE hijack attack on https://slackb[dot]com/. Web security researcher and bug bounty hunter Evan Custodio reported the bug to the team collaboration platform's security team via Slack's HackerOne bug bounty program on November 14th. READ MORE...