IT Security Newsletter - 3/25/2024
Vans claims cyber crooks didn't run off with its customers' financial info
Clothing and footwear giant VF Corporation is letting 35.5 million of its customers know they may find themselves victims of identity theft following last year's security breach. In an email to customers, the Vans and North Face parent promised that crooks didn't swipe their credit card or bank account details. And, it added, there's "no evidence" suggesting any stolen personal info, including names, emails, addresses, and phone numbers, has been used for nefarious purposes. READ MORE...
Russian APT29 Hackers Caught Targeting German Political Parties
Security researchers at Mandiant on Friday raised an alarm after discovering Russia's APT29 hacking group targeting political parties in Germany, indicating a possible new operational focus beyond typical attacks on diplomatic figures. According to new documentation from Mandiant, hackers linked to Russia's foreign intelligence service (SVR) have expanded their target base to hit German political parties in a multi-stage malware attack that includes phishing lures and a new backdoor called Wineloader. READ MORE...
Scammers steal millions from FTX, BlockFi claimants
Customers of bankrupt crypto platform BlockFi have been targeted with a very convincing phishing email impersonating the platform, asking them to connect their wallet to complete the withdrawal of remaining funds. Judging by this Reddit thread, many have fallen for the scam and have had their cryptowallet emptied. Web3 security consultant and threat researcher Plumferno says the scammers pilfered millions in just five days. READ MORE...
Microsoft confirms memory leak in March Windows Server security update
If your Windows domain controllers have been crashing since a security update was installed earlier this month, there's no longer any need to speculate why: Microsoft has admitted it introduced a memory leak in its March patches and fixed the issue. Reports of the bug poured in across recent days as sysadmins reported Windows Server systems freezing and restarting. READ MORE...
Ransomware: lessons all companies can learn from the British Library attack
In October 2023, the British Library suffered "one of the worst cyber incidents in British history," as described by Ciaran Martin, ex-CEO of the National Cyber Security Centre (NCSC). The notorious Rhysida ransomware gang broke into one of the world's greatest research libraries, encrypting or destroying much of its data, and exfiltrating 600 GB of files, including personal information of British Library staff and users. READ MORE...
Novel variant of wiper linked to Viasat attack during Ukraine war raises new fears
Security researchers are warning about a novel variant of the AcidRain wiper, which was used to disrupt satellite communications during Russia's invasion of Ukraine, according to a blog post released Thursday by SentinelLabs. The discovery of the new variant, dubbed AcidPour, coincides with the disruption of multiple telecom networks in Ukraine, which have been offline since March 13. READ MORE...
39,000 Websites Infected in 'Sign1' Malware Campaign
More than 39,000 websites have been infected with a new malware family that redirects visitors to scam domains and displays unwanted ads, website security firm Sucuri warns. Dubbed Sign1, the JavaScript malware was found inside WordPress custom HTML widgets or within the Simple Custom CSS and JS WordPress plugin that the attackers added to the compromised websites. READ MORE...
Darknet marketplace Nemesis Market seized by German police
The German police have seized infrastructure for the darknet Nemesis Market cybercrime marketplace in Germany and Lithuania, disrupting the site's operation. The Federal Criminal Police Office in Germany (BKA) and the Frankfurt cybercrime combating unit (ZIT) conducted the action on Wednesday, March 20, 2024, with law enforcement taking down the website and confiscating approximately $100,000 in cash. READ MORE...
GM stops sharing driver data with brokers amid backlash
After public outcry, General Motors has decided to stop sharing driving data from its connected cars with data brokers. Last week, news broke that customers enrolled in GM's OnStar Smart Driver app have had their data shared with LexisNexis and Verisk. Those data brokers in turn shared the information with insurance companies, resulting in some drivers finding it much harder or more expensive to obtain insurance. READ MORE...
Hackers can unlock over 3 million hotel doors in seconds
When thousands of security researchers descend on Las Vegas every August for what's come to be known as "hacker summer camp," the back-to-back Black Hat and Defcon hacker conferences, it's a given that some of them will experiment with hacking the infrastructure of Vegas itself, the city's elaborate array of casino and hospitality technology. But at one private event in 2022, a select group of researchers were actually invited to hack a Vegas hotel room. READ MORE...
- ...in 1655, Saturn's largest moon, Titan, is discovered by Dutch scientist Christiaan Huygens using only a 50 power refracting telescope of his own design.
- ...in 1807, British Parliament passes the Slave Trade Act, abolishing the slave trade in the British Empire.
- ...in 1969, John Lennon and Yoko Ono hold their first "Bed-In for Peace" at the Amsterdam Hilton, lasting for a full week.
- ...in 1995, computer programmer Ward Cunningham launches WikiWikiWeb, the world's first user-created "wiki" website community.