IT Security Newsletter - 4/17/2023

Written by Cadre | Mon, Apr 17, 2023

Google, CISA Warn of Android Flaw After Reports of Chinese App Zero-Day Exploitation

An Android vulnerability that was reportedly exploited as a zero-day by a Chinese application against millions of devices has been added to the known exploited vulnerabilities catalog maintained by the US Cybersecurity and Infrastructure Security Agency (CISA) after Google confirmed exploitation. Google said on March 21 that it had suspended the popular Chinese shopping application Pinduoduo on its app store after malware was discovered in versions of the app distributed through other websites. READ MORE...

Western Digital Hackers Demand 8-Figure Ransom Payment for Data

After stealing around 10TB of data from Western Digital Corp., the computer drive manufacturer behind digital storage brand SanDisk, hackers are now negotiating a ransom payment within an eight-figure range, according to reports. The hackers claim to have control of the company's code-signing certificate, company executives' private numbers, SAP back-office data, and administrator access to the company's Microsoft Azure cloud instance. READ MORE...

Russian SolarWinds Culprits Launch Fresh Barrage of Espionage Cyberattacks

As part of its ongoing invasion of Ukraine, Russian intelligence has once again enlisted the services of hacker group Nobelium/APT29, this time to spy on foreign ministries and diplomats from NATO-member states, as well as other targets in the European Union and Africa. The timing also dovetails with a spate of attacks on Canadian infrastructure, also believed to be linked to Russia. READ MORE...

Update now: Google emits emergency fix for zero-day Chrome vulnerability

Google on Friday released an emergency update for Chrome to address a zero-day security flaw. The vulnerability, tracked as CVE-2023-2033, can be exploited by a malicious webpage to run arbitrary code in the browser. Thus, surfing to a bad website with a vulnerable browser could lead to your device being hijacked. Exploit code for this hole is said to be circulating, and may well be in use already by miscreants. READ MORE...

Rorschach ransomware, with a rare encryption speed, makes it even harder for companies to respond

Rorschach, a highly sophisticated ransomware strain, stands out most for its ability to encrypt data more quickly than other known strains and evade advanced security detection, according to ransomware researchers and experts. The first iteration of the ransomware strain, which was detected by Check Point and deemed the "fastest ever ransomware" last week, carries autonomous propagation capabilities when executed on a Windows domain controller. READ MORE...

LockBit Ransomware Group Developing Malware to Encrypt Files on macOS

The notorious LockBit ransomware group is apparently developing a piece of malware that can encrypt files on devices running Apple's macOS operating system. Researchers have analyzed the malware to determine how much of a threat it actually poses. MalwareHunterTeam reported on Sunday that they had come across what appeared to be the first macOS malware sample developed by a major ransomware group. READ MORE...

Microsoft warns accounting firms of targeted attacks as Tax Day approaches

Accountants are being warned to be on their guard from malicious hackers, as cybercriminals exploit the rush to prepare tax returns for clients before the deadline of US Tax Day. US Tax Day, which falls on Tuesday April 18 this year, is the day on which income tax returns for individuals are due to be submitted to the government. Inevitably it's a busy time for accounting firms and bookkeepers who are feverishly collecting necessary documents from their clients. READ MORE...

Is AI being used for virtual kidnapping scams?

You may have seen a worrying report of Artificial Intelligence (AI) being used in a virtual kidnapping scam. The AI was supposedly used to imitate the voice of an Arizona resident's daughter, who claimed to have been kidnapped. The daughter was safe and well elsewhere on a school trip. Unfortunately, with the daughter out of sight this just made the scam seem more believable. Was she actually on the trip, or kidnapped? READ MORE...

Why is 'Juice Jacking' Suddenly Back in the News?

KrebsOnSecurity received a nice bump in traffic this week thanks to tweets from the Federal Bureau of Investigation (FBI) and the Federal Communications Commission (FCC) about "juice jacking," a term first coined here in 2011 to describe a potential threat of data theft when one plugs their mobile device into a public charging kiosk. It remains unclear what may have prompted the alerts, but the good news is that there are some fairly basic things you can do to avoid having to worry about juice jacking. READ MORE...

  • ...in 1907, Ellis Island processes 11,747 new immigrants, more than any other day in its 62-year history.
  • ...in 1937, Daffy Duck makes his film debut in the Porky Pig short "Porky's Duck Hunt."
  • ...in 1959, actor Sean Bean ("Goldeneye", "The Fellowship of the Ring") is born in Yorkshire, England.
  • ...in 1970, Apollo 13 returns safely to Earth after emergency in-flight repairs force an early end to its mission.