IT Security Newsletter - 4/22/2024
MITRE Hacked by State-Sponsored Group via Ivanti Zero-Days
MITRE revealed on Friday that one of its R&D networks was hacked a few months ago by a foreign state-sponsored threat actor leveraging zero-day vulnerabilities in an Ivanti product. The attack occurred in early January, but it was only discovered this month. It targeted MITRE's Networked Experimentation, Research, and Virtualization Environment (NERVE), an unclassified collaborative network that is used for research, development, and prototyping.
Malware dev lures child exploiters into honeytrap to extort them
You rarely root for a cybercriminal, but a new malware campaign targeting child exploiters doesn't make you feel bad for the victims. Since 2012, threat actors have been creating a variety of malware and ransomware that pretend to be government agencies warning infected Windows users that they were viewing CSAM. The malware tells victims they must pay a "penalty" to prevent their information from being sent to law enforcement.
CrushFTP Patches Exploited Zero-Day Vulnerability
CrushFTP on Friday released patches for a zero-day vulnerability in the file transfer server, warning customers of its in-the-wild exploitation. Impacting CrushFTP versions 9, 10, and 11, the security defect allows an unauthenticated attacker to escape their virtual file system (VFS) and retrieve system files, potentially opening the door to further exploitation. In its advisory, CrushFTP points out that customers using a DMZ server are protected against attacks.
HelloKitty ransomware rebrands, releases CD Projekt and Cisco data
An operator of the HelloKitty ransomware operation announced they changed the name to 'HelloGookie,' releasing passwords for previously leaked CD Projekt source code, Cisco network information, and decryption keys from old attacks. The threat actor who made the announcement goes by the name 'Gookee/kapuchin0' and claims to be the original creator of the now-defunct HelloKitty ransomware.
Researchers claim Windows Defender can be fooled into deleting databases
Researchers at US/Israeli infosec outfit SafeBreach last Friday discussed flaws in Microsoft and Kaspersky security products that can potentially allow the remote deletion of files. Speaking at the Black Hat Asia conference in Singapore, researchers explained that Microsoft Defender and Kaspersky's Endpoint Detection and Response (EDR) can be made to detect false positive indicators of malicious files - and then to delete them.
Netflix doc accused of using AI to manipulate true crime story
An executive producer of the Netflix hit What Jennifer Did has responded to accusations that the true crime documentary used AI images when depicting Jennifer Pan, a woman currently imprisoned in Canada for orchestrating a murder-for-hire scheme targeting her parents. What Jennifer Did shot to the top spot in Netflix's global top 10 when it debuted in early April, attracting swarms of true crime fans who wanted to know more about why Pan paid hitmen $10,000 to murder her parents.
- ...in 1793, President George Washington proclaims American neutrality in the European wars following the French Revolution.
- ...in 1970, the first Earth Day is celebrated.
- ...in 1976, Barbara Walters becomes the first female nightly news anchor on network television.
- ...in 1978, The Blues Brothers make their debut as the musical guest on Saturday Night Live.