IT Security Newsletter - 4/4/2024
Cyberattack hits Omni Hotels systems, taking out bookings, payments, door locks
Omni Hotels & Resorts' computer systems have been offline since Friday due to what the American luxury hospitality chain called a "disruption." We now know that a cyberattack forced the Texas-based corporation to take parts of its IT environment down. On April 1, Omni, which owns more than 50 properties across the US and Canada, confirmed it was suffering an outage via social media. READ MORE...
SurveyLama Data Breach Impacts 4.4 Million Users
Survey rewards platform SurveyLama says it is aware of a data breach impacting the personal information of more than 4.4 million users. The incident occurred in February but came to light this week, when the leaked information was added to the data breach notification platform Have I Been Pwned (HIBP). According to the alert service, more than 4.4 million user email addresses were compromised in the incident, along with various types of personal information. READ MORE...
Nearly 1M medical records feared stolen from City of Hope cancer centers
Nearly one million individuals' personal details, financial account information, and medical records may well have been stolen from City of Hope systems in the United States. Despite the name, City of Hope is a healthcare organization that operates cancer hospitals and outpatient centers in Duarte, California, as well as the Atlanta, Chicago, and Phoenix areas. The biz, which also carries out cancer research, disclosed it suffered an IT security breach on its website on Tuesday. READ MORE...
A "cascade" of errors let Chinese hackers into US government inboxes
Microsoft still doesn't known how Storm-0558 attackers managed to steal the Microsoft Services Account cryptographic key they used to forge authentication tokens needed to access email accounts belonging to US government officials. "The stolen 2016 MSA key in combination with [a] flaw in the token validation system permitted the threat actor to gain full access to essentially any Exchange Online account," CISA's Cyber Safety Review Board (CSRB) noted. READ MORE...
Cyberattack Shutters Some Operations at Japanese Lens Manufacturer
Japanese lens manufacturer Hoya is investigating a cyber incident that has disrupted several manufacturing sites as well as an ordering system this week. Hoya, one of the world's largest lens-makers, manufactures eyeglasses lenses, contact lenses, intraocular lenses, and endoscopic and other medical equipment lenses. In an update posted on its website today, the company disclosed that it spotted the incident affecting central IT operations and several facilities on March 30. READ MORE...
Fake Lawsuit Threat Exposes Privnote Phishing Sites
A cybercrook who has been setting up websites that mimic the self-destructing message service privnote.com accidentally exposed the breadth of their operations recently when they threatened to sue a software company. The disclosure revealed a profitable network of phishing sites that behave and look like the real Privnote, except that any messages containing cryptocurrency addresses will be automatically altered to include a different payment address controlled by the scammers. READ MORE...
Critical Vulnerability in Progress Flowmon Allows Remote Access to Systems
Progress Software this week released patches for a critical-severity vulnerability in Flowmon that could allow remote, unauthenticated attackers to gain access to systems. A widely used network monitoring and security solution, Flowmon includes analytics, reporting, and monitoring capabilities, allowing administrators to visualize network data and deal with cyber threats. The recently fixed bug is described as an OS command injection issue leading to unauthorized access to the system. READ MORE...
- ...in 1841, President William Henry Harrison dies of pneumonia after being in office for only one month.
- ...in 1917, The U.S. Senate votes 90-6 to enter World War I on the Allied side.
- ...in 1968, civil rights leader Rev. Dr. Martin Luther King Jr. is fatally shot by an assassin outside of the Lorraine Motel in Memphis, TN.
- ...in 1974, Atlanta Braves right fielder Hank Aaron ties Babe Ruth's home-run record (714), in a game against the Cincinnati Reds.