IT Security Newsletter - 3/18/2025

Top News

OAuth Attacks Target Microsoft 365, GitHub

A trio of ongoing campaigns have highlighted once again the continued popularity among cybercriminals of malicious OAuth apps as a go-to attack method. In one wave of recent attacks, threat actors have been using bogus Adobe Acrobat and Adobe Drive logos on malicious OAuth apps to steer targeted users straight to malware-laden or Microsoft 365 credential phishing sites when clicked on. READ MORE...

Breaches

Blockchain gaming platform WEMIX hacked to steal $6.1 million

Blockchain gaming platform WEMIX suffered a cyberattack last month, allowing threat actors to steal 8,654,860 WEMIX tokens, valued at approximately $6,100,000 at the time. During a press conference held yesterday, WEMIX's CEO Kim Seok-Hwan confirmed the incident occurred on February 28, 2025, explaining that the delay in issuing a public announcement wasn't an attempt to cover it up, but rather a conscious choice to protect players from additional losses. READ MORE...


Western Alliance Bank Discloses Data Breach Linked to Cleo Hack

Western Alliance Bank is notifying roughly 22,000 individuals that their personal information was stolen from a third-party secure file transfer software. The incident, the bank says, occurred in October 2024, when a threat actor started exploiting an unknown vulnerability in the file transfer tool, gaining access to "a limited portion of Western Alliance's systems" and stealing files from them. READ MORE...

Malware

Microsoft: New RAT malware used for crypto theft, reconnaissance

Microsoft has discovered a new remote access trojan (RAT) that employs "sophisticated techniques" to avoid detection, maintain persistence, and extract sensitive data. While the malware (dubbed StilachiRAT) hasn't yet reached widespread distribution, Microsoft says it decided to publicly share indicators of compromise and mitigation guidance to help network defenders detect this threat and reduce its impact. READ MORE...


Black Basta uses brute-forcing tool to attack edge devices

Black Basta's private chat logs were leaked last month, revealing the strategies, tactics and targeted vulnerabilities that the notorious ransomware-as-a-service gang used over the last two years. EclecticIQ researchers analyzed the chats and discovered a previously unidentified brute-forcing framework, dubbed "BRUTED," that Black Basta threat actors have used since 2023 to target network edge devices like VPNs and firewalls. READ MORE...

Exploits/Vulnerabilities

ChatGPT Vulnerability Exploited Against US Government Organizations

Threat actors are targeting a year-old server-side request forgery (SSRF) vulnerability in ChatGPT, mainly against financial entities and US government organizations, cybersecurity firm Veriti reports. The bug, tracked as CVE-2024-27564, is a medium-severity issue affecting the pictureproxy.php file. It allows attackers to inject crafted URLs in the url parameter and force the application to make arbitrary requests. READ MORE...

On This Date

  • ...in 1766, the British Parliament repeals the Stamp Act, removing the tax on printed materials produced in the American colonies.
  • ...in 1850, American Express is founded by Henry Wells and William Fargo.
  • ...in 1935, Parker Bros. bought the rights to Charles Darrow's version of Monopoly, nearly the same as the one still played today.
  • ...in 1965, Soviet cosmonaut Alexey Leonov becomes the first person to walk in space, leaving his Voskhod 2 spacecraft for a full 12 minutes and nine seconds.