IT Security Newsletter - 5/10/2024
America's enemies targeting US critical infrastructure should be 'wake-up call'
Digital intruders from China, Russia, and Iran breaking into US water systems this year should be a "wake-up call," according to former National Security Agency cyber boss Rob Joyce. "None of that was significantly consequential," Joyce explained during the NSA's annual State of the Hack panel at RSA Conference on Wednesday. Nonetheless, "that those countries had hackers to combat our critical infrastructure should be a wake-up call."
$10 million reward offer for apprehension of unmasked LockBit ransomware leader
Do you know Dmitry Yuryevich Khoroshev? If you do, there's a chance that you might well be on the way to receiving a reward of up to $10 million. Law enforcement agencies across the US, UK, and Australia have named Dmitry Yuryevich Khoroshev as the mastermind behind the notorious LockBit ransomware group, estimated to have extorted $500 million from companies worldwide. LockBit was the world's biggest ransomware operation until February.
500,000 Impacted by Ohio Lottery Ransomware Attack
The Ohio Lottery cyberattack conducted last year by a ransomware group has impacted more than half a million individuals, the lottery said this week. The incident came to light in late December 2023, after the Ohio Lottery announced shutting down some systems in an effort to contain the breach. At around the same time, a seemingly new ransomware group named DragonForce took credit for the attack.
Dell warns of data breach, 49 million customers allegedly affected
Dell is warning customers of a data breach after a threat actor claimed to have stolen information for approximately 49 million customers. The computer maker began emailing data breach notifications to customers yesterday, stating that a Dell portal containing customer information related to purchases was breached. "We are currently investigating an incident involving a Dell portal," reads a Dell data breach notification.
Vast Network of Fake Web Shops Defrauds 850,000 & Counting
A vast criminal network has stolen the payment credentials of more than 850,000 victims so far with tens of thousands of fake Web shops built on expired domains. The group - dubbed BogusBazaar by the researchers at Germany-based Security Research Labs (SRLabs) who discovered it - operates out of China to manage an extensive network of more than 75,000 domains hosting fraudulent Web shops.
'The Mask' Espionage Group Resurfaces After 10-Year Hiatus
An advanced persistent threat (APT) group that has been missing in action for more than a decade has suddenly resurfaced in a cyber-espionage campaign targeting organizations in Latin America and Central Africa. The group, called "Careto" or "The Mask", began operations in 2007 and then seemingly wafted into thin air in 2013. Over that period, the Spanish-speaking threat actor claimed some 380 unique victims across 31 countries including the US, UK, France, Germany, China, and Brazil.
May 2024 Patch Tuesday forecast: A reminder of recent threats and impact
The thunderstorms of April patches have passed, and it has been pretty calm leading up to May 2024 Patch Tuesday. April 2024 Patch Tuesday turned out to be a busy one with 150 new CVEs addressed by Microsoft. There were 91 CVEs fixed in Windows 10, 69 in Windows 11, and 38 in Microsoft SQL Server. There were also security updates for Office and .NET, but only three CVEs were rated Critical and one, CVE-2024-26234, was a zero-day release.
Boeing refused to pay $200 million ransomware demand from LockBit gang
Boeing has confirmed that it received a demand for a massive $200 million after a ransomware attack by the notorious LockBit hacking group in October 2023. The company confirmed its link to the indictment of Dmitry Yuryevich Khoroshev, who was identified this week by the US Department of Justice as the true identity of LockBitSupp, the kingpin of the LockBit gang.
Widely used Telit Cinterion modems open to SMS takeover attacks
Security flaws in Telit Cinterion cellular modems, widely used in sectors including industrial, healthcare, and telecommunications, could allow remote attackers to execute arbitrary code via SMS. A set of eight separate issues, seven of them with identifiers CVE-2023-47610 through CVE-2023-47616 and another that has yet to be registered, were disclosed last November by security researchers at Kaspersky's ICS CERT division.
- ...in 1869, a ceremonial golden spike is driven to connect the Central Pacific and Union Pacific railroads, officially dedicating the First Transcontinental Railroad.
- ...in 1899, classic Hollywood dancer and singer Fred Astaire is born in Omaha, NE.
- ...in 1962, Marvel Comics publishes the first issue of "The Incredible Hulk."
- ...in 1994, Nelson Mandela is inaugurated as South Africa's first Black president.