<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 5/15/2023

SHARE

Top News

Toyota: Data on More Than 2 Million Vehicles in Japan Were at Risk in Decade-Long Breach

A decade-long data breach in Toyota's much-touted online service put some information on more than 2 million vehicles at risk, the Japanese automaker said Friday. Spanning from January 2012 to April 2023, the problem with Toyota's cloud-based Connected service pertains only to vehicles in Japan, said spokesperson Hideaki Homma. The Connected service reminds owners to get maintenance checks and links to streaming entertainment and provides help during emergencies. READ MORE...


Philadelphia Inquirer Hit by Cyberattack Causing Newspaper's Largest Disruption in Decades

The Philadelphia Inquirer experienced the most significant disruption to its operations in 27 years due to what the newspaper calls a cyberattack. The company was working to restore print operations after a cyber incursion that prevented the printing of the newspaper's Sunday print edition, the Inquirer reported on its website. The news operation's website was still operational Sunday, although updates were slower than normal, the Inquirer reported. READ MORE...

Breaches

WordPress Plugin Vulnerability Exposed Ferrari Website to Hackers

A vulnerability discovered in the official website of luxury sports car maker Ferrari could have exposed potentially sensitive information, according to a cybersecurity firm. The issue was discovered in March by researchers at Char49, a company that provides penetration testing, auditing and training services. Ferrari addressed the weakness within a week. The researchers noticed that the 'media[.]ferrari[.]com' domain is powered by WordPress and it was running a very old version of W3 Total Cache. READ MORE...


PharMerica Discloses Data Breach Impacting 5.8 Million Individuals

National pharmacy network PharMerica last week started sending out notification letters to more than 5.8 million individuals to disclose a data breach that occurred in March. Owned by BrightSpring Health, a provider of home and community-based health services, PharMerica operates over 2,500 facilities across the US and offers more than 3,100 pharmacy and healthcare programs. READ MORE...

Hacking

Ransomware group claims 2.5 terabytes of stolen data less than a month after emerging online

A ransomware group has emerged in recent weeks and has already listed four victims including three in the U.S. on its leak site, researchers with the cybersecurity firm Cisco Talos said Monday. The group that calls itself "RA GROUP" is just the latest entity to use the Babuk ransomware source code, which a developer leaked in September 2021 on a Russian-language forum. Just two months later Talos identified a group called "Tortillia" using the code to target Microsoft Exchange servers. READ MORE...

Software Updates

WordPress Plug-in Used in 1M+ Websites Patched to Close Critical Bug

WordPress plug-ins allow organizations to quickly extend the functionality of their websites without requiring any coding or advanced technical skills. But they have also been the biggest source of risk for website operators in recent years. The newest example is a critical privilege escalation vulnerability in a plug-in that over 1 million WordPress websites use, called Essential Addons for Elementor Plugin. The vulnerability affects versions 5.4.0 through 5.7.1 of the plug-in. READ MORE...

Malware

Malicious Chatbots Target Casinos in Southeast Asia

A campaign dating back to October 2021 has turned its attention toward Southeast Asian gambling operations with a sneaky new tactic - targeting customer support agents with chatbots. Researchers at ESET dubbed the campaign "ChattyGoblin" and traced it back to threat groups backed by China. ESET added that the threat actors rely primarily on Comm100 - which was first observed and documented by CrowdStrike - and LiveHelp apps. READ MORE...

Information Security

Whodunnit? Cybercrook gets 6 years for ransoming his own employer

This wasn't your typical cyberextortion situation. More precisely, it followed what you might think of as a well-worn path, so in that sense it came across as "typical" (if you will pardon the use of the word typical in the context of a serious cybercrime), but it didn't happen in the way you would probably have assumed at first. Starting in December 2020, the crime unfolded as follows: Attacker broke in via an unknown security hole. Attacker acquired sysadmin powers on the network. READ MORE...


Google adds unwanted tracker detection to Find My Device network

Last week we reported that Google and Apple were looking for input on a draft specification to alert users in the event of suspected unwanted tracking. Apple and Google said other tracker makers like Samsung, Tile, Chipolo, eufy Security, and Pebblebee have expressed interest in their draft. Now, Google has used its annual I/O conference keynote to announce updates to its Find My Device network aimed at stopping unwanted tracking by devices with built-in location-tracking capabilities. READ MORE...

Exploits/Vulnerabilities

PaperCut actively exploited by multiple threat actors, targeting education sector

Threat actors are actively exploiting unpatched versions of print management software PaperCut, the FBI and Cybersecurity and Infrastructure Security Agency warned Thursday in a joint advisory. The vulnerability, CVE-2023-27350, allows a threat actor to bypass authentication and initiate remote-code execution on a PaperCut application server. PaperCut released a patch for the vulnerability in March and researchers at Huntress began observing active exploitation in mid-April. READ MORE...


Discord discloses data breach after support agent got hacked

Discord is notifying users of a data breach that occurred after the account of a third-party support agent was compromised. The security breach exposed the agent's support ticket queue, which contained user email addresses, messages exchanged with Discord support, and any attachments sent as part of the tickets. Discord says it immediately addressed the breached support account by disabling it once the incident was discovered. READ MORE...

On This Date

  • ...in 1800, President John Adams moves the federal government from its original home in Philadelphia, to the nation's new capital in Washington, D.C.
  • ...in 1942, a bill establishing the Women's Auxiliary Army Corps (WAACs) becomes law, and granting women official military status in the US Army.
  • ...in 1963, astronaut Gordon Cooper becomes the first American to spend more than 24 hours in space, during the Mercury-Atlas 9 mission.
  • ...in 1973, California Angels pitcher Nolan Ryan strikes out 12 Kansas City Royals and walks three to pitch the first no-hitter of his career.