
IT Security Newsletter - 3/31/2023

Top News

3CX knew its app was flagged as malicious but took no action for 7 days

The support team for 3CX, the VoIP/PBX software provider with more than 600,000 customers and 12 million daily users, was aware its desktop app was being flagged as malware but decided to take no action for a week when it learned it was on the receiving end of a massive supply chain attack, a thread on the company's community forum shows. READ MORE...


Leaked IT contractor files detail Kremlin's stockpile of cyber-weapons

An unidentified whistleblower has provided several media organizations with access to leaked documents from NTC Vulkan - a Moscow IT consultancy - that allegedly show how the firm supports Russia's military and intelligence agencies with cyber warfare tools. Journalists from Der Spiegel and Munich-based investigative group Paper Trail Media have spent the past few months working with the whistleblower, and have just published a set of articles describing these documents, referred to as The Vulkan Files. READ MORE...

Breaches

DXC Technology says global network is not compromised following Latitude Financial breach

Soon after Latitude Financial revealed it suffered a cyber attack, DXC Technology quietly published a note on its website stating its global network and customer support networks were not compromised. When Latitude Financial, which is listed on the Australian Securities Exchange (ASX), first published about the attack, it said the activity was believed to have "originated from a major vendor used" by the company. READ MORE...

Hacking

Supply chain cyberattack with possible links to North Korea could have thousands of victims globally

Hackers modified an enterprise communication company's installation software in an attack that could steal credentials and other information from companies around the world, according to an analysis published Wednesday. Researchers with cybersecurity firm SentinelOne's SentinelLabs team traced illicit activity flagged by its detection systems back to the installation software from a company called 3CX. READ MORE...


APT group Winter Vivern exploits Zimbra webmail flaw to target government entities

An APT group known in the security industry as Winter Vivern has been exploiting a vulnerability in the Zimbra Collaboration software to gain access to mailboxes from government agencies in several European countries. While no clear links have been established between Winter Vivern and a particular country's government, security researchers have noted that its activities closely align with the interests of Russia and Belarus. READ MORE...

Malware

Realtek and Cacti flaws now actively exploited by malware botnets

Multiple malware botnets actively target Cacti and Realtek vulnerabilities in campaigns detected between January and March 2023, spreading ShellBot and Moobot malware. The targeted flaws are CVE-2021-35394, a critical remote code execution vulnerability in Realtek Jungle SDK, and CVE-2022-46169, a critical command injection flaw in the Cacti fault management monitoring tool. READ MORE...

Information Security

Over 70% of Employees Keep Work Passwords on Personal Devices

Roughly four out of five employees (71%) store sensitive work passwords on their personal phones, and 66% use their personal texting apps for work. The data come from SlashNext's latest mobile bring your own device (BYOD) security report, which also suggests 95% of security leaders are increasingly concerned about phishing attacks via private messaging apps. READ MORE...


Ukrainian cyberpolice busts fraud gang that stole $4.3 million

Ukraine's cyberpolice has arrested members of a fraud gang that stole roughly $4,300,000 from over a thousand victims across the EU. The crime group created over 100 fake "phishing" sites targeting users in France, Spain, Poland, the Czech Republic, Portugal, and other European countries, enticing them with products below market prices. Orders placed by the victims didn't correspond to actual purchases, while the threat actors stole credit card details they entered on the phony sites. READ MORE...


World Backup Day is here again - 5 tips to keep your precious data safe

In the early days of personal computers, everyone knew why backups were important. Computer storage simply wasn't as reliable as it is today, and it wasn't a question of if you'd lose vital files through no fault of your own, but when it would happen. (Possibly today, probably tomorrow, almost certainly by next week.) And malware attacks were in some ways worse back then, even though we didn't have $10,000,000 ransomware demands in those days. READ MORE...

Exploits/Vulnerabilities

Unpatched Security Flaws Expose Water Pump Controllers to Remote Hacker Attacks

The impacted product is the Osprey Pump Controller made by US-based ProPump and Controls, a company that specializes in pumping systems and automated controls for a wide range of applications, including golf courses and turf irrigation, municipal water and sewer, biogas, agricultural, and industrial. The vulnerabilities were discovered by Gjoko Krstic, founder and chief information security engineer of Macedonian cybersecurity research firm Zero Science Lab. READ MORE...

On This Date

  • ...in 1889, the Eiffel Tower is dedicated in Paris in a ceremony presided over by Gustave Eiffel, whose company built and designed it.
  • ...in 1918, daylight saving time goes into effect in the United States for the first time.
  • ...in 1943, stage and screen actor Christopher Walken ("The Deer Hunter", "Batman Returns") is born in Queens, NY.
  • ...in 1998, Netscape releases their Mozilla source code under an open-source license, paving the way for the Firefox web browser and its various spinoffs.