IT Security Newsletter

IT Security Newsletter - 3/3/2020

Written by Cadre | Tue, Mar 3, 2020

US Charges Two With Laundering $100M for North Korean Hackers

Two Chinese nationals were charged today by the US Dept of Justice and sanctioned by the US Treasury for allegedly laundering over $100 million worth of cryptocurrency out of the nearly $250 million stolen by North Korean actors known as Lazarus Group after hacking a cryptocurrency exchange in 2018. According to a Department of Justice (DoJ) press release, Tian Yinyin and Li Jiadong were charged with operating an unlicensed money transmitting business and money laundering conspiracy. READ MORE...

Tesla, SpaceX Parts Manufacturer Suffers Data Breach

Visser Precision, a maker of parts for the aerospace, automotive, industrial, and manufacturing industries, has confirmed a security incident likely caused by the DoppelPaymer ransomware. The breach was first detected when Emsisoft threat analyst Brett Callow noticed a website was posting files that DoppelPaymer had stolen from Visser, TechCrunch reports. These included folders with customer names, including Tesla, SpaceX, Lockheed Martin, and Boeing. READ MORE...

Krebs on Security: French Firms Rocked by Kasbah Hacker?

A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned. An individual thought to be involved has earned accolades from the likes of Apple, Dell, and Microsoft for helping to find and fix security vulnerabilities in their products. READ MORE...

Coder Charged in Massive CIA Leak Portrayed as Vindictive

A software engineer on trial in the largest leak of classified information in CIA history was "prepared to do anything" to betray the agency, federal prosecutors said Monday as a defense attorney argued the man had been scapegoated for a breach that exposed secret cyberweapons and spying techniques. A Manhattan jury heard conflicting portrayals of Joshua Schulte, a former CIA coder accused of sending the anti-secrecy group WikiLeaks a large portion of the agency's computer hacking arsenal. READ MORE...

Nvidia patches severe flaws affecting GeForce, Quadro NVS and Tesla

Denial of service, local escalation of privileges, and information disclosure are not security worries most computer users will associate with their racy graphics card or its drivers. And yet fixes for precisely these issues are part of February's Nvidia GPU display update, all of which could compromise Windows or Linux PCs, allowing an attacker to gain local access after a malware attack. READ MORE...

Patches Released for WordPress Plugin Vulnerabilities Exploited in Attacks

Patches released over the past several days for multiple WordPress plugins address vulnerabilities that have been actively exploited as part of the same website takeover campaign. The first of the updated plugins is Flexible Checkout Fields For WooCommerce, a popular application installed on over 20,000 sites. The plugin is impacted by a vulnerability described as an "unauthenticated stored XSS via plugin settings change." READ MORE...

TrickBot Adds ActiveX Control, Hides Dropper in Images

The TrickBot banking trojan has gotten trickier, with the addition of a Windows 10 ActiveX control to execute malicious macros in boobytrapped documents. Michael Gorelik, researcher at Morphisec Labs, said that at least two dozen documents have come to light in the last few weeks that use ActiveX, a feature in Remote Desktop Protocol (RDP), to automatically trigger malicious macros in documents attached to targeted malspam emails. READ MORE...

What Disney+ Can Teach Businesses About Customer Security

As most people consumed plates piled high with traditional Thanksgiving favorites in late November, Disney+ found itself consumed with a different kind of stuffing: credential stuffing. Credential stuffing attacks can easily go unnoticed - and therefore provide an ideal opportunity for attackers to access and sell highly personal user information. Disney's subscription-based video streaming service learned this lesson the hard way. READ MORE...