IT Security Newsletter - 4/7/2022
Suspected Chinese hackers are targeting India's power grid
Hackers likely affiliated with the Chinese government have been going after North India's power supply, according to a report by Recorded Future. Researchers observed "likely" network intrusions of at least seven state centers that carry out real-time grid control and electricity dispatch, according to the Wednesday evening report. The activity has been concentrated in North India, where China has clashed with India over disputed territory on the Himalayan border. READ MORE...
The Original APT: Advanced Persistent Teenagers
Many organizations are already struggling to combat cybersecurity threats from ransomware purveyors and state-sponsored hacking groups, both of which tend to take days or weeks to pivot from an opportunistic malware infection to a full-blown data breach. But few organizations have a playbook for responding to the kinds of virtual "smash and grab" attacks we've seen recently from LAPSUS$, a juvenile data extortion group whose tactics have put some of the world's biggest corporations on edge. READ MORE...
Android apps with 45 million installs used data harvesting SDK
Mobile malware analysts warn about a set of applications available on the Google Play Store, which collected sensitive user data from over 45 million installs of the apps. The apps collected this data through a third-party SDK that includes the ability to capture clipboard content, GPS data, email addresses, phone numbers, and even the user's modem router MAC address and network SSID. READ MORE...
BlackCat Ransomware Targets Industrial Companies
A data theft tool used by the ransomware group tracked as BlackCat, ALPHV and Noberus suggests that the cybercriminals are increasingly interested in targeting industrial organizations. The BlackCat ransomware group, which operates under a ransomware-as-a-service (RaaS) model, emerged in November 2021 and it has since targeted organizations worldwide, including many in the United States. READ MORE...
VMware warns of critical vulnerabilities in multiple products
VMware has warned customers to immediately patch critical vulnerabilities in multiple products that threat actors could use to launch remote code execution attacks. "This critical vulnerability should be patched or mitigated immediately per the instructions in VMSA-2021-0011. The ramifications of this vulnerability are serious," VMware warned on Wednesday. READ MORE...
Nearly 40% of Macs Left Exposed to 2 Zero-Day Exploits
Between 35% and 40% of all supported Macs might be at heightened risk of compromise from two zero-day vulnerabilities that Apple has said are being exploited in the wild, but for which the company has not yet issued a patch. Apple disclosed the two vulnerabilities - CVE-2022-22675 and CVE-2022-22674 - last week and described them as impacting devices running its macOS, iOS, and iPadOS operating systems. READ MORE...
SSRF Flaw in Fintech Platform Allowed for Compromise of Bank Accounts
A server-side request forgery (SSRF) flaw in an API of a large financial technology (fintech) platform potentially could have compromised millions of bank customers, allowing attackers to defraud clients by controlling their bank accounts and funds, researchers have found. A team at Salt Security's Salt Labs identified the vulnerability which allows clients to transfer money from their accounts on its platform into their bank accounts, researchers disclosed in a report published Thursday. READ MORE...
- ...in 1954, international action film star Jackie Chan ("Rumble in the Bronx", "Rush Hour") is born in Hong Kong.
- ...in 1964, IBM announces the System/360, the first mainframe computer system designed to cover the full range of scientific and commercial applications.
- ...in 1983, astronauts Story Musgrave and Don Peterson make the first Space Shuttle spacewalk on Challenger's maiden voyage.
- ...in 2001, the Mars Odyssey orbiter is launched. It will go on to become the longest-serving spacecraft at Mars, with a mission duration of 19 years and counting.