
IT Security Newsletter - 3/31/2025


Top News

Oracle has reportedly suffered 2 separate breaches exposing thousands of customers' PII

Oracle isn't commenting on recent reports that it has experienced two separate data breaches that have exposed sensitive personal information belonging to thousands of its customers. The most recent data breach report, published Friday by Bleeping Computer, said that Oracle Health, a health care software-as-a-service business the company acquired in 2022, had learned in February that a threat actor accessed one of its servers and made off with patient data from US hospitals. READ MORE...

Breaches

Hacker Leaks Samsung Customer Data

A threat actor has published approximately 270,000 customer records allegedly stolen from Samsung Germany's ticketing system, cybersecurity firm Hudson Rock reports. The threat actor behind the leak, who uses the name 'GHNA', apparently gained access to Samsung's system using the stolen credentials of a Spectos GmbH account used for monitoring and service quality improvements. The credentials, Hudson Rock says, were compromised in 2021. READ MORE...


Retail giant Sam's Club investigates Clop ransomware breach claims

Sam's Club, an American warehouse supermarket chain owned by U.S. retail giant Walmart, is investigating claims of a Clop ransomware breach. The Walmart division operates over 600 warehouse clubs with millions of members across the United States and Puerto Rico and almost 200 additional locations in Mexico and China. Sam's Club has over 2.3 million employees and reported a total revenue of $84.3 billion for the fiscal year ending January 31, 2023. READ MORE...

Hacking

Phishing-as-a-service operation uses DNS-over-HTTPS for evasion

A newly discovered phishing-as-a-service (PhaaS) operation that researchers call Morphing Meerkat has been using the DNS over HTTPS (DoH) protocol to evade detection. The platform also leverages DNS email exchange (MX) records to identify victims' email providers and to dynamically serve spoofed login pages for more than 114 brands. Morphing Meerkat has been active since at least 2020 and it was discovered by security researchers at Infoblox. READ MORE...

Trends

GenAI turning employees into unintentional insider threats

The amount of data being shared by businesses with GenAI apps has exploded, increasing 30x in one year, according to Netskope. The average organization now shares more than 7.7GB of data with AI tools per month, a massive jump from just 250MB a year ago. This includes sensitive data such as source code, regulated data, passwords and keys, and intellectual property, significantly increasing the risk of costly breaches, compliance violations, and intellectual property theft. READ MORE...

Malware

Qakbot Resurfaces in Fresh Wave of ClickFix Attacks

The previously dormant Qakbot banking Trojan has resurfaced recently as the payload in a wave of attacks on LinkedIn and other social media sites. The attacks leverage the emerging ClickFix technique to trick users into installing malware. Researchers at artificial intelligence (AI) security firm Buguard first detected the attacks in late December 2024. The attacks drop the sophisticated banking Trojan via an emerging social engineering method using legitimate-looking CAPTCHA verifications. READ MORE...


'Crocodilus' Android Banking Trojan Allows Device Takeover, Data Theft

A newly identified mobile banking trojan targeting Android users has advanced device takeover capabilities and remote-control functionality, fraud prevention firm ThreatFabric warns. Dubbed Crocodilus, the trojan contains powerful capabilities, including remote control of the infected device, advanced data harvesting, keylogging, and support for overlay attacks. It has been observed targeting users in Spain and Turkey. READ MORE...

Information Security

FBI raids home of prominent computer scientist who has gone incommunicado

A prominent computer scientist who has spent 20 years publishing academic papers on cryptography, privacy, and cybersecurity has gone incommunicado, had his professor profile, email account, and phone number removed by his employer, Indiana University, and had his homes raided by the FBI. Xiaofeng Wang has a long list of prestigious titles. According to his employer, he has served as principal investigator on research projects totaling nearly $23 million over his 21 years there. READ MORE...


Bruce Schneier: The Signal Chat Leak and the NSA

US National Security Advisor Mike Waltz, who started the now-infamous group chat coordinating a US attack against the Yemen-based Houthis on March 15, is seemingly now suggesting that the secure messaging service Signal has security vulnerabilities. "I didn't see this loser in the group," Waltz told Fox News about Atlantic editor in chief Jeffrey Goldberg, whom Waltz invited to the chat. "Whether he did it deliberately [...], is something we're trying to figure out." READ MORE...

Exploits/Vulnerabilities

Vulnerability in most browsers abused in targeted attacks

Researchers found a vulnerability in Chrome that was abused in the wild against organizations in Russia. Google has released an update for its Chrome browser which includes patches for this vulnerability. The update brings the Stable channel to versions 134.0.6998.178 for Windows. Other operating systems are not vulnerable. To manually get the update, click Settings > About Chrome. If there is an update available, Chrome will notify you and start downloading it. READ MORE...

On This Date

  • ...in 1889, the Eiffel Tower is dedicated in Paris in a ceremony presided over by Gustave Eiffel, whose company built and designed it.
  • ...in 1918, daylight saving time goes into effect in the United States for the first time.
  • ...in 1943, stage and screen actor Christopher Walken ("The Deer Hunter", "Batman Returns") is born in Queens, NY.
  • ...in 1998, Netscape releases their Mozilla source code under an open-source license, paving the way for the Firefox web browser and its various spinoffs.