IT Security Newsletter - 4/20/2020

Top News

US govt: Hacker used stolen AD credentials to ransom hospitals

Hackers have deployed ransomware on the systems of U.S. hospitals and government entities using Active Directory credentials stolen months after exploiting a known pre-auth remote code execution (RCE) vulnerability in their Pulse Secure VPN servers. Even though the vulnerability tracked as CVE-2019-11510 was patched by Pulse Secure one year ago, the U.S. CISA warned organizations in January 2020 to patch their Pulse Secure VPN servers against ongoing attacks.

Breaches

IT services firm Cognizant hit with Maze ransomware

Cognizant, a multibillion-dollar IT services company with clients in the banking and oil and gas industries, said Saturday its computer systems had been disrupted by Maze ransomware, a strain of malicious code that has been used in cyberattacks in the U.S. and Europe in recent months. "Our internal security teams, supplemented by leading cyber defense firms, are actively taking steps to contain this incident," the New Jersey-based company said in a statement.

Hacking

Supply-chain attack hits RubyGems repository with 725 malicious packages

More than 725 malicious packages downloaded thousands of times were recently found populating RubyGems, the official channel for distributing programs and code libraries for the Ruby programming language. The malicious packages were downloaded almost 100,000 times, although a significant percentage of those are likely the result of scripts that automatically crawl all 158,000 packages available in the repository.

Malware

Microsoft helped stop a botnet controlled via an LED light console

Microsoft says that its Digital Crimes Unit (DCU) discovered and helped take down a botnet of 400,000 compromised devices controlled with the help of an LED light control console. The botnet was used by the threat actors who controlled it for a wide variety of purposes ranging from phishing campaigns, malware distribution, and ransomware payload delivery to launching distributed denial-of-service (DDoS) attacks.

Exploits/Vulnerabilities

Attacks on Linksys Routers Trigger Mass Password Reset

Home Linksys router users were targeted in a cyberattack that changed router settings, and redirected requests for specific webpages and domains to malicious Coronavirus-themed landing pages that were booby-trapped with malware. Researchers identified the attack last month, and earlier this week Linksys hit reset on users of its Linksys Smart Wi-Fi application to mitigate against future and past attacks.


DHS Urges Pulse Secure VPN Users To Update Passwords

The Department of Homeland Security (DHS) is urging companies that use Pulse Secure VPNs to change their passwords for Active Directory accounts, after several cyberattacks targeted companies who had previously patched a related flaw in the VPN. DHS warns that the Pulse Secure VPN patches may have come too late. Government officials say before the patches were deployed, bad actors were able to compromise Active Directory accounts.


Hackers can steal data through PC fan vibrations

Cyber criminals can exfiltrate sensitive data from a PC sat within an air-gapped system by using malware to manipulate the vibrations from internal CPU and GPU fans, it has emerged. By exploiting 'air-gap covert channels', hackers can steal data from systems totally isolated from network connectivity, beyond tightly-controlled local networks. Such air-gapped systems are normally used by corporate or government networks, and computer systems used for national defence.


Starbleed vulnerability: Attackers can gain control over FPGAs

Field Programmable Gate Arrays, FPGAs for short, are flexibly programmable computer chips that are considered very secure components in many applications. In a joint research project, scientists have now discovered that a critical vulnerability is hidden in these chips. They called the security bug Starbleed. Attackers can gain complete control over the chips and their functionalities via the vulnerability.

On This Date

  • ...in 1902, Marie and Pierre Curie successfully isolate radioactive radium salts from the mineral pitchblende.
  • ...in 1940, the first electron microscope is demonstrated by RCA researcher Vladimir Zworykin in Philadelphia, PA.
  • ...in 1946, the League of Nations is dissolved, transferring most of its power to the United Nations.
  • ...in 2008, Danica Patrick wins the Indy Japan 300, becoming the first woman in history to win an Indy car race.