<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 3/8/2022

SHARE

Breaches

FBI: Ransomware gang breached 52 US critical infrastructure orgs

The US Federal Bureau of Investigation (FBI) says the Ragnar Locker ransomware gang has breached the networks of at least 52 organizations from multiple US critical infrastructure sectors. This was revealed in a joint TLP:WHITE flash alert published on Monday in coordination with the Cybersecurity and Infrastructure Security Agency. The flash alert focuses on providing indicators of compromise (IOCs) organizations can use to detect and block Ragnar Locker ransomware attacks. READ MORE...


Samsung Source Code Compromised in Hack

Samsung this week confirmed reports that it suffered a cyberattack that exposed some source code related to its Galaxy mobile devices. "According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees," Samsung said in a statement, according to a report in TechCrunch. READ MORE...

Hacking

Google: Russia, China, Belarus state hackers target Ukraine, Europe

Google says Russian, Belarusian, and Chinese threat actors targeted Ukrainian and European government and military organizations, as well as individuals, in sweeping phishing campaigns and DDoS attacks. The company's Threat Analysis Group (TAG), a dedicated team of security experts that works to defend Google users from state-sponsored attacks, has alerted hundreds of Ukrainians they've been targeted. READ MORE...

Malware

Ransomware gang Conti has already bounced back from damage caused by chat leaks, experts say

A Twitter account known as ContiLeaks debuted to much fanfare in late February, with people around the globe watching as tens of thousands of leaked chats between members of the Russia-based ransomware gang Conti hit the web. In the days after the leaks, many celebrated what they thought would be a devastating blow to Conti, which a Ukrainian security researcher had apparently punished by leaking the internal chats because the gang threatened to "strike back" at any entities that organized "any war activities against Russia." READ MORE...


Conti Ransomware Group Diaries, Part IV: Cryptocrime

Three stories here last week pored over several years' worth of internal chat records stolen from the Conti ransomware group, the most profitable ransomware gang in operation today. The candid messages revealed how Conti evaded law enforcement and intelligence agencies, what it was like on a typical day at the Conti office, and how Conti secured the digital weaponry used in their attacks. This final post on the Conti conversations explores different schemes that Conti pursued to invest in and steal cryptocurrencies. READ MORE...

Exploits/Vulnerabilities

Linux has been bitten by its most high-severity vulnerability in years

Linux has yet another high-severity vulnerability that makes it easy for untrusted users to execute code capable of carrying out a host of malicious actions including installing backdoors, creating unauthorized user accounts, and modifying scripts or binaries used by privileged services or apps. Dirty Pipe, as the vulnerability has been named, is among the most serious Linux threats to be disclosed since 2016. READ MORE...


Widely used UPS devices can be hijacked and destroyed remotely

Three vulnerabilities in ubiquitous APC Smart-UPS (uninterruptible power supply) devices could allow remote attackers to use them as an attack vector, disable or completely destroy them, Armis researchers have discovered. The vulnerable devices, developed by Schneider Electric subsidiary APC, are used all around the globe to provide emergency backup power for critical physical infrastructure (industrial facilities, hospitals, energy suppliers, data centers, etc.) READ MORE...


Azure flaw allowed users to control others' accounts

Microsoft has acknowledged the existence of a flaw in its Azure cloud computing service that allowed users full access to other users' accounts. The flaw was dubbed "AutoWarp" by Orca Security, which discovered and reported it. The vulnerability only impacted users of the Azure Automation Service. That service allows Azure users to use PowerShell or Python to write runbooks that automate many actions within Azure. READ MORE...

On This Date

  • ...in 1817, the New York Stock Exchange is founded.
  • ...in 1971, Muhammad Ali and Joe Frazier meet in the "Fight of the Century," with Frazier winning in 15 rounds via unanimous decison.
  • ...in 1978, the debut radio episode of Douglas Adams's "The Hitchhiker's Guide to the Galaxy" is transmitted by BBC Radio 4.
  • ...in 1979, Philips gives the first public demonstration of audio compact disc technology.