
IT Security Newsletter - 4/12/2024


Top News

FBI director echoes past warnings, as critical infrastructure hacking threat festers

FBI Director Christopher Wray said state-linked threat groups are ramping up threat activity against the U.S., and pose a continued risk to key critical infrastructure sectors, in a speech Tuesday before the American Bar Association's Standing Committee on Law and National Security. Threat actors linked with the People's Republic of China are continuing to build out offensive capabilities, setting up access to various sectors such as the water, energy and telecommunications industries. READ MORE...


Hackable Intel and Lenovo hardware that went undetected for 5 years won't ever be fixed

Hardware sold for years by the likes of Intel and Lenovo contains a remotely exploitable vulnerability that will never be fixed. The cause: a supply chain snafu involving an open source software package and hardware from multiple manufacturers that directly or indirectly incorporated it into their products. The lapse has resulted in Intel, Lenovo, and Supermicro shipping server hardware that contains a vulnerability that can be exploited to reveal security-critical information. READ MORE...

Breaches

East Central University suffers BlackSuit ransomware attack

The East Central University (ECU) of Ada, Oklahoma, has revealed that a ransomware gang launched an attack against its systems that left some computers and servers encrypted and may have also seen sensitive information stolen. In an advisory posted on its website, ECU claims that the BlackSuit ransomware gang was unsuccessful in taking down the university's critical services but was "able to conduct a successful attack on a variety of campus computers." READ MORE...


Sisense Password Breach Triggers 'Ominous' CISA Warning

While details are still emerging, the US federal government issued a password compromise warning to customers of business analytics platform Sisense and encouraged an immediate reset. The advisory from the Cybersecurity and Infrastructure Security Agency (CISA) urges Sisense customers to reset not only credentials to the platform, but also passwords to any other sensitive data potentially accessed through Sisense services. READ MORE...

Hacking

LastPass: Hackers targeted employee in failed deepfake CEO call

LastPass revealed this week that threat actors targeted one of its employees in a voice phishing attack, using deepfake audio to impersonate Karim Toubba, the company's Chief Executive Officer. However, while 25% of people have been on the receiving end of an AI voice impersonation scam or know someone who has, according to a recent global study, the LastPass employee didn't fall for it because the attacker used WhatsApp, which is a very uncommon business channel. READ MORE...

Malware

DragonForce Ransomware - What You Need To Know

A relatively new strain of ransomware called DragonForce has been making headlines after a series of high-profile attacks. Like many other ransomware groups, DragonForce attempts to extort money from its victims in two ways - locking companies out of their computers and data through encryption, and exfiltrating data from compromised systems with the threat of releasing it to others via the dark web. READ MORE...

Information Security

Critical Rust Flaw Poses Exploit Threat in Specific Windows Use Cases

The Rust Project has issued an update for its standard library, after a vulnerability researcher discovered a specific function used to execute batch files on Windows systems could be exploited using an injection flaw. The set of common functions included with the Rust programming language, known as the standard library, offers the ability to execute Windows batch files through the Command API. The function, however, did not eliminate the possibility of injecting code into the execution. READ MORE...


Palo Alto Networks warns of PAN-OS firewall zero-day used in attacks

Today, Palo Alto Networks warns that an unpatched critical command injection vulnerability in its PAN-OS firewall is being actively exploited in attacks. "Palo Alto Networks is aware of a limited number of attacks that leverage the exploitation of this vulnerability," warns the Palo Alto security bulletin. The flaw is a command injection vulnerability that received the maximum severity score of 10.0 as it requires no special privileges or user interaction to exploit. READ MORE...

Exploits/Vulnerabilities

'BatBadBut' Command Injection Vulnerability Affects Multiple Programming Languages

Multiple programming languages are impacted by a critical-severity vulnerability leading to command injection in Windows applications, bug hunters at Flatt Security warn. The issue, named 'BatBadBut', exists because the Windows operating system spawns the 'cmd.exe' process when executing batch (.bat) files with the 'CreateProcess' function, and programming languages do not properly escape command arguments. READ MORE...


Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars

A second identifier has been assigned to the recently disclosed D-Link network-attached storage (NAS) device vulnerabilities, just as attack attempts have soared. An individual who uses the online moniker 'NetworkSecurityFish' has made public the details of a couple of vulnerabilities that can allow an unauthenticated attacker to hack some D-Link NAS devices. READ MORE...

On This Date

  • ...in 1945, President Franklin D. Roosevelt dies in office; Vice President Harry S. Truman assumes the Presidency after only 82 days as VP.
  • ...in 1954, Bill Haley & His Comets record "Rock Around the Clock," widely credited as the song that brought rock and roll into the mainstream world culture.
  • ...in 1961, Cosmonaut Yuri Gagarin becomes the first man to reach outer space and achieve Earth orbit, giving Russia a temporary lead in the Space Race.
  • ...in 1996, early Internet giant Yahoo! has its initial public offering, selling 2.6 million shares at $13 each.