IT Security Newsletter - 3/24/2020
Tech Giant GE Discloses Data Breach After Service Provider Hack
Fortune 500 technology giant General Electric (GE) disclosed that personally identifiable information of current and former employees, as well as beneficiaries, was exposed in a security incident experienced by one of GE's service providers. GE is a multinational operating in a wide range of tech segments including aviation, power, healthcare, and renewable energy, and it is currently ranked by Fortune 500 as the 21st-largest company in the U.S. by revenue.
Hackers try to breach WHO, other COVID-19-fighting orgs
"Elite" hackers tried - and failed - to breach computer systems and networks of the World Health Organization (WHO) earlier this month, Reuters reported on Monday. In fact, since the start of the COVID-19 pandemic, the WHO has been fielding an increasing number of cyberattacks, as well as impersonation attempts. The attackers created a malicious site mimicking the WHO's internal email system in an attempt to phish the agency staffers' email credentials.
Hackers Hijack Routers' DNS to Spread Malicious COVID-19 Apps
A new cyber attack is hijacking routers' DNS settings so that web browsers display alerts for a fake COVID-19 information app, purportedly from the World Health Organization, that is actually the Vidar information-stealing malware. For the past five days, people have been reporting that their web browser would open on its own and display a message prompting them to download a 'COVID-19 Inform App' that was allegedly from the World Health Organization (WHO).
Scammers tried using kids apps in the Google Play store to generate cash
Fifty-six apps in Google's Play store included malicious software that leveraged victims' devices to click on mobile advertisements, artificially inflating the traffic to those ads and helping scammers make money. Research published Tuesday by the security firm Check Point Technologies details how fraudsters used the network of apps, which were downloaded more than 1 million times, to exploit users' trust and make a buck.
Microsoft Warns of Critical Windows Zero-Day Flaws
Microsoft is warning of critical zero-day flaws in its Windows operating system that could enable remote code execution. The unpatched flaws are being exploited by attackers in "limited, targeted" attacks, the company said. According to Microsoft, two remote code execution vulnerabilities exist in the way that Windows' Adobe Type Manager Library handles certain fonts. Adobe Type Manager is a font management tool built into both Mac OS and Windows operating systems, and produced by Adobe.
Vulnerability Exposed Tesla Central Touchscreen to DoS Attacks
Hackers could have caused a Tesla Model 3's central touchscreen to become unusable simply by getting the targeted user to visit a specially crafted website. The car maker has released a software update that patches the vulnerability. A researcher who uses the online moniker Nullze discovered that the Tesla Model 3's web interface is affected by a denial-of-service (DoS) vulnerability.
Apache Tomcat Exploit Poised to Pounce, Stealing Files
A vulnerability in the popular Apache Tomcat web server is ripe for active attack, thanks to a proof-of-concept (PoC) exploit making an appearance on GitHub. The now-patched bug affects Tomcat versions 7.0, 8.5 and 9.0. According to Flashpoint analysts Cheng Lu and Steven Ouellette, an exploit for the "Ghostcat" security bug (tracked as CVE-2020-1938 and first publicly disclosed Feb. 20) reliably allows information disclosure via file retrieval on a vulnerable server.