IT Security Newsletter - 3/19/2025
Sperm donation giant California Cryobank warns of a data breach
US sperm donor giant California Cryobank is warning customers it suffered a data breach that exposed customers' personal information. California Cryobank is a full-service sperm bank providing frozen donor sperm and specialized reproductive services, such as egg and embryo storage. The company is the largest sperm bank in the US and services all 50 states and more than 30 countries worldwide. READ MORE...
Black Basta Leader in League With Russian Officials, Chat Logs Show
The Black Basta ransomware gang may have connections to Russian authorities, according to fresh analysis of leaked internal chat logs. Black Basta is a Russian-speaking ransomware-as-a-service (RaaS) operation first discovered in April 2022. As a prolific threat group, it went on to target and victimize hundreds of organizations globally before its activity drastically slowed down in recent months. The reason? Leaked chat logs that uncovered the group's operational weaknesses. READ MORE...
Microsoft Warns of New StilachiRAT Malware
Microsoft this week shared details on StilachiRAT, an evasive and persistent piece of malware that enables cybercriminals to steal sensitive data from compromised systems. The tech giant's incident response team first spotted StilachiRAT (the name was given by Microsoft) in November 2024. While it currently does not appear to be widely distributed, the company wanted to warn users and organizations. READ MORE...
Malicious Android 'Vapor' apps on Google Play installed 60 million times
Over 300 malicious Android applications, downloaded 60 million times from Google Play, acted as adware or attempted to steal credentials and credit card information. The operation was first uncovered by IAS Threat Lab, which categorized the malicious activity under the name "Vapor" and said it has been ongoing since early 2024. IAS identified 180 apps as part of the Vapor campaign, generating 200 million fraudulent advertising bid requests daily to engage in large-scale ad fraud. READ MORE...
Infostealers fueled cyberattacks and snagged 2.1B credentials last year
Cybercriminals used information-stealing malware to devastating effect last year, capturing sensitive data that fueled ransomware, breaches and attacks targeting supply chains and critical infrastructure, according to a new report. Infostealers were used to steal 2.1 billion credentials last year, accounting for nearly two-thirds of 3.2 billion credentials stolen from all organizations, Flashpoint said in a report released Tuesday. READ MORE...
The "free money" trap: How scammers exploit financial anxiety
With financial stress at an all-time high, and many Americans grappling with confusion about social security, Medicaid, and Medicare, people are desperately seeking relief. Scammers know this all too well and have tailored their tactics to exploit these fears, preying on vulnerable individuals with promises of "free money." Whether it's a so-called "subsidy program," a "government grant," or a "relief card," these scams all share the same underlying goal. READ MORE...
Show top LLMs buggy code and they'll finish off the mistakes rather than fix them
Researchers have found that large language models (LLMs) tend to parrot buggy code when tasked with completing flawed snippets. That is to say, when shown a snippet of shoddy code and asked to fill in the blanks, AI models are just as likely to repeat the mistake as to fix it. Nine scientists from institutions, including Beijing University of Chemical Technology, set out to test how LLMs handle buggy code, and found that the models often regurgitate known flaws rather than correct them. READ MORE...
Critical AMI BMC Vulnerability Exposes Servers to Disruption, Takeover
A critical vulnerability affecting baseboard management controller (BMC) firmware made by AMI could expose many devices to remote attacks, according to firmware and hardware security company Eclypsium. Eclypsium has been analyzing AMI BMC security for years. In the summer of 2023, the company disclosed two serious flaws, warning that they could expose millions of devices that use AMI's MegaRAC BMC to takeover and physical damage. READ MORE...
Microsoft isn't fixing 8-year-old shortcut exploit abused for spying
An exploitation avenue found by Trend Micro in Windows has been used in an eight-year-long spying campaign, but there's no sign of a fix from Microsoft, which apparently considers this a low priority. The attack method is low-tech but effective, relying on malicious .LNK shortcut files rigged with commands to download malware. While appearing to point to legitimate files or executables, these shortcuts quietly include extra instructions to fetch or unpack and attempt to run malicious payloads. READ MORE...
- ...in 1918, the US Congress establishes time zones and approves daylight savings time.
- ...in 1928, Irish actor and screenwriter Patrick McGoohan, famous as "Number Six" in the 1960s TV series "The Prisoner", is born in New York City.
- ...in 1931, gambling is legalized in Nevada.
- ...in 1979, the US House of Representatives begins broadcasting its proceedings via the cable TV network C-SPAN.