<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 4/21/2023

SHARE

Top News

3CX Supply Chain Attack Tied to Financial Trading App Breach

Turns out 3CX was not the original target in a recent supply chain compromise affecting customers of the video conferencing software maker: The attack came via a prior supply chain compromise involving Trading Technologies, a provider of high-performance trading software. That makes the breach at 3CX one of the first known instances where an adversary used one supply chain attack to enable a second supply chain attack in an effort to try and breach multiple organizations. READ MORE...

Breaches

Capita Confirms Data Breach After Ransomware Group Offers to Sell Stolen Information

UK-based business process outsourcing and professional services company Capita has confirmed that hackers have stolen data from its systems after a well-known ransomware group offered to sell information allegedly stolen from the organization. The incident came to light on March 31, when Capita said it was experiencing a major IT incident that prevented staff from logging into their systems. The company told the press at the time that it was too early to confirm that it was a cyberattack. READ MORE...

Hacking

US charges three men with six million dollar business email compromise plot

Three Nigerian nationals face charges in a US federal court related to a business email compromise (BEC) scam that is said to have stolen more than US $6 million from victims. 29-year-old Kosi Goodness Simon-Ebo was extradited from Canada to the United States earlier this month, according to a Department of Justice press release, and will appear before a federal court on Friday. READ MORE...


University websites using MediaWiki, TWiki hacked to serve Fortnite spam

Websites of multiple U.S. universities are serving Fortnite and 'gift card' spam. Researchers observed Wiki and documentation pages being hosted by universities including Stanford, MIT, Berkeley, UMass Amherst, Northeastern, Caltech, among others, were compromised. BleepingComputer confirmed the malicious campaign was live, and had targeted additional scholastic websites including that of the University of Michigan. READ MORE...

Malware

Ransomware Attack Hits Health Insurer Point32Health

Non-profit health insurer Point32Health says it has taken systems offline to contain a ransomware attack identified this week. Established in 2021 as the merger between Harvard Pilgrim Health Care and Tufts Health Plan, Point32Health is the second largest health insurer in Massachusetts, serving more than 2 million customers. In a notification published this week, the organization revealed that it fell victim to a ransomware attack on April 17, which forced it to take systems offline. READ MORE...


QBot changes tactic, remains a menace to business networks

QBot, an infostealer-turned-dropper that aids criminal gangs in their malicious campaigns, is now being distributed as part of a phishing campaign using PDFs and Windows Script Files (WSF), according to recent discoveries by malware hunter Proxylife (@pr0xylife) and the Cryptolaemus group (@Cryptolaemus1). The last time QBot (aka QakBot) had its modus operandi changed was in November. READ MORE...

Exploits/Vulnerabilities

'GhostToken' Opens Google Accounts to Permanent Infection

A security vulnerability in Google's Cloud Platform (GCP) could have allowed cyberattackers to hide an unremovable, malicious application inside a victim's Google account, dooming the account to a state of permanent, undetectable infection. The bug, dubbed "GhostToken," was discovered and reported by Astrix Security researchers. According to an analysis released by the team on April 20, the malicious app could have paved the way for a startling array of nefarious activity, READ MORE...

On This Date

  • ...in 1895, inventor Woodville Latham demonstrates the first motion picture projection technology, dubbed the "Eidoloscope", in New York City.
  • ...in 1918, German fighter pilot Manfred von Richthofen, also known as the "Red Baron", is killed by Allied fire near Amiens, France.
  • ...in 1934, the famous blurry photograph of the Loch Ness Monster is printed in the Daily Mail. It is later proven to be a hoax.
  • ...in 1992, astronomers Aleksandr Wolszczan and Dale Frail announce their discovery of the first known extrasolar planets, orbiting a pulsar 2300 light years from our Sun.