IT Security Newsletter - 5/12/2020
Celebrity personal data taken in ransomware attack
Today's big ransomware story is a star-studded affair, according to entertainment news website Variety[.]com. Variety says that the law firm Grubman Shire Meiselas & Sacks, or just gsmlaw[.]com for short, has experienced a ransomware attack that apparently involved the appropriately named REvil malware. Rather than simply knocking the law firm out of action temporarily, the ransomware crooks are said to have stolen personal data from a laundry list of celebrity clients, too.
Railway Vehicle Maker Stadler Hit by Malware Attack
Railway rolling stock manufacturer Stadler Rail is currently investigating a malware attack that forced some of its systems offline. Headquartered in Bussnang, Switzerland, the company produces a variety of trains (high-speed, intercity, regional and commuter heavy rail, underground, and tram trains), and trams, and has roughly 11,000 employees at over 40 locations.
Hacker Group Advertises Data From Multiple Fresh Breaches
A group of hackers has started to advertise on the dark web data allegedly stolen as a result of multiple recent breaches, including ones that affected Tokopedia, Styleshare, Minted, ChatBooks, and others. Known as "Shiny Hunters," the group recently claimed responsibility for hacking Tokopedia, Indonesia's largest online store, and claimed last week to have breached Microsoft's GitHub account.
Researcher finds 1,236 domains infected with credit card stealers
A security researcher collected in a span of a few weeks over 1,000 domains infected with payment card skimmers, showing that MageCart continues to be a prevalent threat that preys on insecure web shops. MageCart was first spotted over a decade ago by cybersecurity company RiskIQ, but attacks have grown rampant over the past two years, when big-name companies were hit: British Airways, Ticketmaster, OXO, Newegg.
Astaroth's New Evasion Tactics Make It 'Painful to Analyze'
The operators of the Astaroth infostealer have implemented several new tactics aimed at evading detection, which researchers say have made the malware "painful to analyze." Astaroth first emerged in 2017, but has steadily been used over the years in increasingly sophisticated campaigns aimed at exfiltrating sensitive data. More recent analysis of the infostealer has now emerged, after it was discovered at the heart of a spear-phishing campaign targeting Brazilians over the past nine months.
Sphinx Malware Returns to Riddle U.S. Targets
The Zeus Sphinx banking trojan has seen a recent resurgence in the United States, sporting some modifications and using COVID-19 spam as a lure. Sphinx re-emerged in December but saw a big spike in March via the use of coronavirus themes. Since April, it has been seen attacking U.S. targets with a few changed processes. The main upgrades in the latest version can be found in the process-injection and bot-configuration aspects of the malware's operations, according to researchers.
- ...in 1907, actress Katharine Hepburn ("The Philadelphia Story", "The African Queen") is born in Hartford, CT.
- ...in 1937, stand-up comedian and writer George Carlin ("A Place for My Stuff", "Napalm and Silly Putty") is born in New York.
- ...in 1942, German engineer Konrad Zuse introduces the Z3, the world's first working programmable, fully automatic computer.
- ...in 1949, the Soviet Union lifts its blockade of Berlin.