IT Security Newsletter - 3/30/2022
Lapsus$ Claims Hack of IT Giant Globant After Arrests of Alleged Members
The Lapsus$ hacker group on Wednesday leaked tens of gigabytes of files allegedly stolen from IT giant Globant. The hackers have made available roughly 70 Gb of data that they claim represents Globant customer source code. SecurityWeek has reached out to Globant for comment, but we have yet to hear back. In addition to source code, the cybercriminals published on their Telegram channel a list of usernames and passwords that they claim can be used to access various development platforms used by Globant.
Hackers steal more than $600M from Ronin blockchain used to play Axie Infinity
The cryptocurrency used to play the Pokémon-inspired blockchain game Axie Infinity was the target of a March 23 crypto heist of more than $600 million, one of the largest in history. In February 2021, the Ronin blockchain debuted. Ronin offers 20 free transactions to each account holder. The hacker compromised the Ronin and third-party Axie DAO validator nodes using hacked private keys to forge fake withdrawals.
Log4j Attacks Continue Unabated Against VMware Horizon Servers
VMware Horizon servers - which many organizations are using to enable secure anywhere, anytime access to enterprise apps for remote workers - continue to be a popular target for attackers looking to exploit the critical Apache Log4j remote code execution vulnerability disclosed in December 2021. Researchers from Sophos this week said they had observed a wave of attacks against vulnerable Horizon servers starting January 19, 2022, through now.
"A little gift for you" SMS spam appears to come from your own phone number
If you've received a spam SMS message sent from your own phone number, don't panic. No, you weren't hacked. And you're not the only one who has received such a message. But why do they make it look like the text has come from your own number? It's likely the scammers spoofed it in order to get past built-in filter features because they don't block messages you send yourself.
Mars Stealer malware pushed via OpenOffice ads on Google
A newly launched information-stealing malware variant called Mars Stealer is rising in popularity, and threat analysts are now spotting the first notable large-scale campaigns employing it. Mars Stealer emerged as a redesign of the Oski malware that shut down development in 2020, featuring extensive info-stealing capabilities targeting a broad spectrum of apps.
Hackers Gaining Power of Subpoena Via Fake "Emergency Data Requests"
There is a terrifying and highly effective "method" that criminal hackers are now using to harvest sensitive customer data from Internet service providers, phone companies and social media firms. It involves compromising email accounts and websites tied to police departments and government agencies, and then sending unauthorized demands for subscriber data while claiming the information being requested can't wait for a court order because it relates to an urgent matter of life and death.
Data-harvesting code in mobile apps sends user data to "Russia's Google"
Russia's biggest Internet company has embedded code into apps found on mobile devices that allows information about millions of users to be sent to servers located in its home country. The revelation relates to software created by Yandex that permits developers to create apps for devices running Apple's iOS and Google's Android, systems that run the vast majority of the world's smartphones.
Wyze Cam flaw lets hackers remotely access your saved videos
A Wyze Cam internet camera vulnerability allows unauthenticated, remote access to videos and images stored on local memory cards and has remained unfixed for almost three years. The bug, which has not been assigned a CVE ID, allowed remote users to access the contents of the SD card in the camera via a webserver listening on port 80 without requiring authentication.
Electric Vehicle DC charging tripped by a wireless hack
Researchers from the University of Oxford published details of a vulnerability in the Combined Charging System that has the potential to abort charging. The Combined Charging System (CCS) is one of the plethora of standards in the EV charging world, and allows DC fast charging. Different plug types are used for the US and EU regions (dubbed Combo 1 and 2 respectively) but both use the same underlying technology.
- ...in 1867, U.S. Secretary of State William H. Seward signs a treaty with Russia for the purchase of Alaska for $7.2 million.
- ...in 1930, actor John Astin, best known as Gomez Addams on "The Addams Family", is born in Baltimore, MD.
- ...in 1962, rapper MC Hammer ("U Can't Touch This", "2 Legit 2 Quit") is born Stanley Kirk Burrell in Oakland, CA.
- ...in 1964, the game show Jeopardy! debuts on NBC, hosted by Art Fleming.