IT Security Newsletter - 3/3/2022
Personal data from T-Mobile breach still spreading on dark web, state governments warn
The top law enforcement officials from multiple states are alerting people affected by an August 2021 breach at T-Mobile that their personal data might be circulating in cybercrime forums online. "Information stolen in a massive data breach has fallen into the wrong hands and is circulating on the dark web," New York Attorney General Letitia James said Wednesday in a news release. Officials from California, Florida and several other states issued similar warnings. READ MORE...
Healthcare Company Mon Health Discloses Second Data Breach
Monongalia Health System (Mon Health) this week started notifying patients, employees, and partners of a cyberattack that may have resulted in their data being stolen. The healthcare services provider discovered the incident on December 18, when some of its IT systems were disrupted, but learned of the potential data theft only a couple of weeks later. The attackers had access to the organization's network between December 8 and December 19. READ MORE...
Hacked Ukrainian Military Emails Used in Attacks on European Governments
Staff at European government organizations have been receiving malicious emails that appear to be coming from email accounts belonging to members of the Ukrainian military. Russia's war with Ukraine is taking place both in the real world and in cyberspace, with state-sponsored units and hacktivists fighting for both sides. The online battle has involved a wide range of tactics and tools, including distributed denial-of-service (DDoS) attacks, malware, data leaks, and misinformation. READ MORE...
Conti Ransomware Group Diaries, Part II: The Office
Earlier this week, a Ukrainian security researcher leaked almost two years' worth of internal chat logs from Conti, one of the more rapacious and ruthless ransomware gangs in operation today. Tuesday's story examined how Conti dealt with its own internal breaches and attacks from private security firms and governments. In Part II of this series we'll explore what it's like to work for Conti, as described by the Conti employees themselves. READ MORE...
TeaBot Trojan Haunts Google Play Store, Again
The TeaBot banking trojan - also known as "Anatsa" - has been spotted on the Google Play store, researchers from Cleafy have discovered. The malware - designed to intercept SMS messages and login credentials from unwitting users - affected users of "more than 400 banking and financial apps, including those from Russia, China, and the U.S," its report claims. READ MORE...
Don't fall for the "Donate to help children in Ukraine" scam
Earlier this week, we spotted a Microsoft sign-in phish that appeared to be taking advantage of the Ukraine crisis in order to scam people. The email warned of unauthorized log in attempts to the recipient's account, and the location of those attempts was listed as "Russia/Moscow". We probably won't ever know whether this campaign is definitely inspired by current events, but one thing is for sure, the latest spam campaign we've seen recently is. READ MORE...
Over 100,000 medical infusion pumps vulnerable to years old critical bug
Data collected from more than 200,000 network-connected medical infusion pumps used to deliver medication and fluids to patients shows that 75% of them are running with known security issues that attackers could exploit. The findings reveal that tens of thousands of devices are vulnerable to six critical-severity flaws (9.8 out of 10) reported in 2019 and 2020. READ MORE...
Researchers Devise Attack for Stealing Data During Homomorphic Encryption
Researchers at North Carolina State University have developed what they claim is the first successful side-channel attack on an emerging security technology called homomorphic encryption, which allows operations to be performed on encrypted data. The technique will be presented on March 23 at the virtual DATE22 conference and involves a way to steal data even while it is in the process of being homomorphically encrypted. READ MORE...
- ...in 1845, Congress overrides presidential veto for first time with a two-thirds majority vote, forcing President John Tyler to get Congressional approval to build new ships.
- ...in 1923, the first issue of TIME magazine is published. The first cover subject is then-Speaker of the US House of Representatives Joseph Cannon.
- ...in 1931, President Herbert Hoover signs a congressional act making "The Star-Spangled Banner" the official national anthem of the United States.
- ...in 1959, radio host and producer Ira Glass ("This American Life") is born in Baltimore, MD.