IT Security Newsletter - 3/25/2020
Chinese hackers hit Citrix, Cisco vulnerabilities in sweeping campaign
Earlier this year, state-backed Chinese hackers embarked on one of the most sweeping Chinese espionage campaigns FireEye has seen in years, according to new research the security firm published Wednesday. The campaign, which lasted between January 20 and March 11, targeted 75 organizations in nearly every economic sector: telecommunications, healthcare, government, defense, finance, petrochemical, manufacturing, and transportation.
GE Says Some Employees Hit by Data Breach at Canon
General Electric (GE) revealed last week that the personal information of some employees may have been compromised as a result of a data breach suffered by Canon Business Process Services. In a data breach notification sent to affected individuals and submitted to the California Attorney General, GE said an unauthorized party gained access to a Canon email account containing documents belonging to some of its employees.
Never-before-seen attackers are targeting Mideast industrial organizations
Researchers have unearthed an attack campaign that uses previously unseen malware to target Middle Eastern organizations, some of which are in the industrial sector. Researchers with Kaspersky Lab, the security firm that discovered the campaign, have dubbed it WildPressure. It uses a family of malware that has no similarities to any malicious code seen in previous attacks. It's also targeting organizations that don't overlap with other known campaigns.
Tekya Malware Threatens Millions of Android Users via Google Play
Researchers have discovered a new family of auto-clicker malware that commits mobile ad fraud, lurking in 56 apps on the Google Play store. Collectively, they have been downloaded nearly a million times worldwide. A team from Check Point Software recently discovered the malware, dubbed Tekya, which imitates a user's actions to click displays and banners from ad agencies such as Google's AdMob, AppLovin, Facebook and Unity to financially benefit the threat actors.
Public ICS Hacking Tools Make It Easier to Launch Attacks: FireEye
Publicly available hacking tools, many of which have been developed for research and testing purposes, lower the bar for threat actors looking to target industrial control systems (ICS) and operational technology (OT) networks, FireEye warned this week. The cybersecurity firm told SecurityWeek that its Mandiant Intelligence team tracks nearly 100 tools that can be used to exploit vulnerabilities in ICS or interact with industrial equipment in an effort to support intrusions or attacks.
HPE Warns of New Bug That Kills SSD Drives After 40,000 Hours
Hewlett Packard Enterprise (HPE) is once again warning its customers that certain Serial-Attached SCSI solid-state drives will fail after 40,000 hours of operation unless a critical patch is applied. The company made a similar announcement in November 2019, when a firmware defect produced failure after 32,768 hours of running. The current issue affects drives in HPE server and multiple storage products.