
IT Security Newsletter - 3/6/2023


Breaches

Ransomware Operators Leak Data Allegedly Stolen From City of Oakland

Over the weekend, the cybercriminals behind the Play ransomware published data allegedly stolen from the City of Oakland last month. The cyberattack started on February 8 and was disclosed on February 10, when Oakland announced that it had taken systems offline to contain the incident, but that emergency services were not impacted. One week later, while continuing restoration efforts, the city declared a local state of emergency, to speed up the procurement of equipment and materials.

Hacking

Core DoppelPaymer ransomware gang members targeted in Europol operation

Europol has announced that law enforcement in Germany and Ukraine targeted two individuals believed to be core members of the DoppelPaymer ransomware group. The operation consisted of raids on multiple locations in the two countries in February and was the result of a coordinated effort that also involved Europol, the FBI and the Dutch Police. "German officers raided the house of a German national, who is believed to have played a major role in the DoppelPaymer ransomware group," Europol said in a statement.

Malware

LockBit ransomware demands $2 million for Pierce Transit data

The Pierce County Public Transportation Benefit Area Corporation (Pierce Transit) has fallen victim to a cyberattack using LockBit ransomware. Pierce Transit is a public transit operator in Washington state. The attack began on February 14, 2023, and required Pierce Transit to implement temporary workarounds, to maintain the service of the transit system which transports around 18,000 people every day.


Feds warn about right Royal ransomware rampage that runs the gamut of TTPs

The US Cybersecurity and Infrastructure Security Agency (CISA), which dubs itself "America's Cyber Defense Agency", has just put out a public service announcement under its #StopRansomware banner. This report is numbered AA23-061a, and if you've slipped into the habit of assuming that ransomware is yesterday's threat, or that other specific cyberattacks should be at the top of your list in 2023, then it is well worth reading.


Frankenstein malware stitched together from code of others disguised as PyPI package

A malicious package discovered in the Python Package Index (PyPI) is the latest example of what threat hunters from Kroll called the continued "democratization of cybercrime," with the bad guys creating malware variants from the code of others. It reflects the as-a-service trend in ransomware, distributed denial-of-service (DDoS), and other malware, which lets crooks with little or no skills lease or buy weapons to launch their own attacks.

Information Security

The Role of Verifiable Credentials In Preventing Account Compromise

Online authentication is a challenge for organizations of all shapes and sizes. Despite increasingly sophisticated cybersecurity tools, hackers and criminals continually find new and more nefarious ways to enter enterprise systems. One method gaining attention for fighting account compromise attacks is verifiable credentials. The concept refers to using digital credentials that adhere to an open standard.

Exploits/Vulnerabilities

New TPM 2.0 flaws could let hackers steal cryptographic keys

The Trusted Platform Module (TPM) 2.0 specification is affected by two buffer overflow vulnerabilities that could allow attackers to access or overwrite sensitive data, such as cryptographic keys. TPM is a hardware-based technology that provides operating systems with tamper-resistant secure cryptographic functions. It can be used to store cryptographic keys, passwords, and other critical data, making any vulnerability in its implementation a cause for concern.


Critical Vulnerabilities Allow Hackers to Take Full Control of Wago PLCs

German industrial automation solutions provider Wago has released patches for several of its programmable logic controllers (PLCs) to address four vulnerabilities, including ones that can be exploited to take full control of the targeted device. The vulnerabilities were discovered by Ryan Pickren from the Georgia Institute of Technology's Cyber-Physical Security Lab. The issues were identified by the researcher as part of a PhD project on the security of industrial control systems (ICS).

On This Date

  • ...in 1896, Charles King tested his automobile on the streets of Detroit, becoming the first person to drive a car in the Motor City.
  • ...in 1899, German company Bayer registers a trademark for its first major product: "Aspirin."
  • ...in 1917, cartoonist and graphic novelist Will Eisner ("The Spirit", "A Contract With God") is born in Brooklyn, NYC.
  • ...in 1972, basketball great (and former movie genie) Shaquille O'Neal is born in Newark, NJ.