IT Security Newsletter - 4/20/2022
Apple iCloud account attack results in man losing $650,000 from his cryptocurrency wallet
Cryptocurrency wallet maker MetaMask has warned its 21 million monthly users to be wary of Apple iCloud backing up their app's data by default, after attackers successfully stole $650,000 of funds and NFTs. MetaMask user Domenic Iacovone revealed in a series of posts on Twitter that he had fallen victim to a social engineering attack that gave scammers access to his iCloud account.
Serious Vulnerabilities Found in AWS's Log4Shell Hot Patches
Hot patches made available by Amazon Web Services (AWS) in response to the recent Log4j vulnerabilities could be exploited for privilege escalation or to escape containers, according to Palo Alto Networks. Apache Log4j vulnerabilities disclosed in December 2021, including the one tracked as Log4Shell, can allow attackers to remotely execute arbitrary code and take control of vulnerable systems.
Russian state hackers hit Ukraine with new malware variants
Threat analysts report that the Russian state-sponsored threat group known as Gamaredon (a.k.a. Armageddon/Shuckworm) is launching attacks against targets in Ukraine using new variants of the custom Pteredo backdoor. Gamaredon has been launching cyber-espionage campaigns targeting the Ukrainian government and other critical entities since at least 2014.
Kaspersky cracks Yanluowang ransomware, offers free decryptor
Kaspersky has found a vulnerability in the Yanluowang ransomware encryption algorithm and, as a result, released a free decryptor tool to help victims of this software nasty recover their files. Yanluowang, named after a Chinese deity and underworld judge, is a type of ransomware that has been used against financial institutions and other firms in America, Brazil, and Turkey as well as a smaller number of organizations in Sweden and China, Kaspersky said yesterday.
QNAP urges customers to disable UPnP port forwarding on routers
Taiwanese hardware vendor QNAP urged customers on Monday to disable Universal Plug and Play (UPnP) port forwarding on their routers to prevent exposing their network-attached storage (NAS) devices to attacks from the Internet. UPnP is a set of insecure network protocols with no encryption or authentication that comes with support for peer-to-peer communications between devices.
Hackers can infect >100 Lenovo models with unremovable malware. Are you patched?
Lenovo has released security updates for more than 100 laptop models to fix critical vulnerabilities that make it possible for advanced hackers to surreptitiously install malicious firmware that can be next to impossible to remove or, in some cases, to detect. Three vulnerabilities affecting more than 1 million laptops can give hackers the ability to modify a computer's UEFI.
CISA warns of attackers now exploiting Windows Print Spooler bug
The Cybersecurity and Infrastructure Security Agency (CISA) has added three new security flaws to its list of actively exploited bugs, including a local privilege escalation bug in the Windows Print Spooler. This high severity vulnerability (tracked as CVE-2022-22718) impacts all versions of Windows per Microsoft's advisory and it was patched during the February 2022 Patch Tuesday.
- ...in 1902, Marie and Pierre Curie successfully isolate radioactive radium salts from the mineral pitchblende.
- ...in 1940, the first electron microscope is demonstrated by RCA researcher Vladimir Zworykin in Philadelphia, PA.
- ...in 1946, the League of Nations is dissolved, transferring most of its power to the United Nations.
- ...in 2008, Danica Patrick wins the Indy Japan 300, becoming the first woman in history to win an Indy car race.