<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 3/9/2020

SHARE

Breaches

Cyber Command was worried that WikiLeaks dump would burn Operation Aurora intel, document shows

When WikiLeaks released a trove of diplomatic cables in 2010 on everything from terrorism to Russian President Vladimir Putin to computer intrusions, it set off shockwaves through the Department of Defense and intelligence community over the knowledge being dumped into the public domain. Now we know that unauthorized release even impacted U.S. Cyber Command. READ MORE...

Software Updates

Zoho Fixes No-Auth RCE Zero-Day in ManageEngine Desktop Central

Web-based office suite and SaaS services provider Zoho released a security update to fix a remote code execution vulnerability found in its ManageEngine Desktop Central endpoint management solution that does not require authentication to be exploited. Desktop Central helps companies like managed service providers (MSPs) to manage devices such as servers, laptops, desktops, smartphones, and tablets from a central location. READ MORE...

Malware

Next-Gen Ransomware Packs a 'Human' Punch, Microsoft Warns

Researchers are warning that "human operated" ransomware campaigns are growing more sophisticated, adopting new infection tactics and lateral movement techniques that traditional defense teams aren't equipped to handle. Researchers said that "auto-spreading" ransomware - like WannaCry and NotPetya - are making headlines due to the crippling downtimes that these attacks cause. However, "human operated" ransomware - like REvil, Bitpaymer, and Ryuk - are adopting new techniques that are enabling them to operate unfettered in networks. READ MORE...


Ryuk Ransomware Behind Durham, North Carolina Cyberattack

The City of Durham, North Carolina has shut down its network after suffering a cyberattack by the Ryuk Ransomware this weekend. Local media reports that the city fell victim to a phishing attack that ultimately led to the deployment of the Ryuk Ransomware on their systems. To prevent the attack from spreading throughout their network, the City of Durham has "temporarily disabled all access into the DCI Network for the Durham Police Department, the Durham Sheriff's Office and their communications center". READ MORE...

Information Security

Spread of Coronavirus-Themed Cyberattacks Persists with New Attacks

As the coronavirus blows up into a worldwide pandemic, threat actors continue to exploit the disease to spread malware. Just this week, cybersecurity professionals identified a bevy of new threats ranging from coronavirus-themed malware attacks, booby-trapped URLs and credential stuffing scams. On Tuesday, researchers reported two malware campaigns connected to the coronavirus: One that uses a phishing email to spread Remcos RAT and malware payloads and the other using a Microsoft Office document to drop a backdoor onto a victim's computer. READ MORE...

Exploits/Vulnerabilities

Hackers Can Clone Millions of Toyota, Hyundai, and Kia Keys

Over the past few years, owners of cars with keyless start systems have learned to worry about so-called relay attacks, in which hackers exploit radio-enabled keys to steal vehicles without leaving a trace. Now it turns out that many millions of other cars that use chip-enabled mechanical keys are also vulnerable to high-tech theft. A few cryptographic flaws combined with a little old-fashioned hot-wiring-or even a well-placed screwdriver-lets hackers clone those keys and drive away in seconds. READ MORE...

Science & Culture

Don't Panic: The comprehensive Ars Technica guide to the coronavirus

More than 100,000 people have been infected with a new coronavirus that has spread widely from its origin in China over the past few months. More than 3,000 have already died. Our comprehensive guide for understanding and navigating this global public health threat is below. This is a rapidly developing epidemic, and we will update this guide regularly to keep you as prepared and informed as possible. READ MORE...