<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 4/16/2024

SHARE

Top News

Who Stole 3.6M Tax Records from South Carolina?

For nearly a dozen years, residents of South Carolina have been kept in the dark by state and federal investigators over who was responsible for hacking into the state's revenue department in 2012 and stealing tax and bank account information for 3.6 million people. The answer may no longer be a mystery: KrebsOnSecurity found compelling clues suggesting the intrusion was carried out by the same Russian hacking crew that stole of millions of payment card records from big box retailers. READ MORE...

Breaches

Omni Hotels Says Personal Information Stolen in Ransomware Attack

Hospitality chain Omni Hotels & Resorts has confirmed that customer information was stolen in a cyberattack claimed by the Daixin Team ransomware group. The incident, which occurred on March 29, prompted Omni to shut down systems, which led to disruptions across the company's hotels and resorts. By April 8, Omni had restored systems across all properties. READ MORE...


Chipmaker Nexperia confirms breach after ransomware gang leaks data

Dutch chipmaker Nexperia confirmed late last week that hackers breached its network in March 2024 after a ransomware gang leaked samples of allegedly stolen data. Nexperia is a subsidiary of Chinese company Wingtech Technology that operates semiconductor fabrication plants in Germany and the UK, producing 100 billion units, including transistors, diodes, MOSFETs, and logic devices. The Nijmegen-based company employs 15,000 specialists and has an annual revenue of over $2.1 billion. READ MORE...

Hacking

Alleged cryptojacking scheme consumed $3.5M of stolen computing to make just $1M

Federal prosecutors indicted a Nebraska man on charges he perpetrated a cryptojacking scheme that defrauded two cloud providers-one based in Seattle and the other in Redmond, Washington-out of $3.5 million. The indictment, filed in US District Court for the Eastern District of New York and unsealed on Monday, charges Charles O. Parks III-45 of Omaha, Nebraska-with wire fraud, money laundering, and engaging in unlawful monetary transactions in connection with the scheme. READ MORE...

Malware

Ransomware Group Starts Leaking Data Allegedly Stolen From Change Healthcare

The RansomHub ransomware group has started publishing data allegedly stolen from healthcare transactions processor Change Healthcare in a February attack. The incident, which disrupted Change Healthcare's operations and caused healthcare system outages across the US, was mounted by an affiliate of the Alphv/BlackCat ransomware-as-a-service (RaaS), known under the moniker of 'Notchy'. READ MORE...


LockBit 3.0 Variant Generates Custom, Self-Propagating Malware

The LockBit ransomware-as-a-service (RaaS) group has struck another victim, this time using stolen credentials to launch a sophisticated attack against an unidentified organization in West Africa. The attackers used a new variant of the LockBit 3.0 builder, which was leaked in 2022. Kaspersky researchers discovered the latest variant at the end of March 2024 after responding to the incident in West Africa. READ MORE...

Information Security

Roku Mandates 2FA for Customers After Credential-Stuffing Compromise

Roku is now making two-factor authentication (2FA) mandatory for its users after two separate incidents in which customer accounts were compromised. Roughly 591,000 customers were affected earlier this year - the first instance, limited to 15,363 accounts, prompted Roku to keep a closer watch on customer account activity, which led to discovery of another incident affecting around 576,000 accounts. READ MORE...

Exploits/Vulnerabilities

Crickets from Chirp Systems in Smart Lock Key Leak

The U.S. government is warning that "smart locks" securing entry to an estimated 50,000 dwellings nationwide contain hard-coded credentials that can be used to remotely open any of the locks. The lock's maker Chirp Systems remains unresponsive, even though it was first notified about the critical weakness in March 2021. Meanwhile, Chirp's parent company, RealPage, Inc., is being sued by multiple U.S. states for allegedly colluding with landlords to illegally raise rents. READ MORE...


New SteganoAmor attacks use steganography to target 320 orgs globally

A new campaign conducted by the TA558 hacking group is concealing malicious code inside images using steganography to deliver various malware tools onto targeted systems. Steganography is the technique of hiding data inside seemingly innocuous files to make them undetectable by users and security products. TA558 is a threat actor that has been active since 2018, known for targeting hospitality and tourism organizations worldwide, focusing on Latin America. READ MORE...

On This Date

  • ...in 1940, Bob Feller of the Cleveland Indians throws a no-hitter.
  • ...in 1952, voice actor Billy West, best known as Fry on "Futurama" and Stimpy on "Ren & Stimpy", is born in Detroit, MI.
  • ...in 1963, The Beatles perform on BBC TV for the first time on The 625 Show.
  • ...in 1972, Apollo 16 is launched from Cape Canaveral. It will be the fifth lunar landing of the Apollo program.