<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 5/16/2023


Top News

Transportation Dept cyber breach exposes data of federal employees

The Department of Transportation has been hit with a data breach that may have exposed personally identifiable information of federal government employees, according to an email obtained by FedScoop. In the note, DOT said it was working to notify affected individuals whose personally identifiable information may have been compromised as a result of the breach and to help mitigate potential risks. READ MORE...


Lacroix manufacturing facilities shut down following cyberattack

French electronics manufacturer Lacroix closed three factories as a result of a cyberattack they "intercepted" over the weekend, the company has announced on Monday. Lacroix designs and produces electronic equipment for the automotive, home automation, aerospace, industrial and health sectors, as well as connected equipment for the management of critical infrastructures. READ MORE...

Airline exposes passenger info to others due to a 'technical error'

airBaltic, Latvia's flag carrier has acknowledged that a 'technical error' exposed reservation details of some of its passengers to other airBaltic passengers. Passengers also reported receiving unexpected emails which addressed them by the name of another customer. The Riga-based airline, incorporated as AS Air Baltic Corporation operates flights to 80 destinations and is 97% government-owned. READ MORE...


Microsoft Follina Bug Is Back in Meme-Themed Cyberattacks Against Travel Orgs

A threat actor is exploiting last year's Follina (RCE) remote code execution vulnerability to deploy the XWORM remote access trojan (RAT) and data-stealer against targets in the hospitality industry. On May 12, researchers from Securonix broke down the campaign, which uses Follina to drop Powershell code onto target machines, which is rife with various 4Chan and meme references. Thus, the researchers refer to the campaign as "MEME#4CHAN," due to the amorphous line it draws between stealth and internet humor. READ MORE...

Software Updates

Intel says Friday's mystery 'security update' microcode isn't really a security update

False alarm: despite a patch notes suggesting otherwise, that mysterious blob of microcode released for many Intel microprocessors last week was not a security update, the x86 giant says. In an email Monday, an Intel spokesperson told The Register that microcode-20230512, which popped up on the manufacturer's GitHub page "does not contain any security updates and the note, [INTEL-SA-NA], is meant to convey that there are no applicable (Not Applicable) security updates in the package." READ MORE...


Emerging ransomware group quickly hits 4 critical infrastructure providers

A new and highly active ransomware threat actor, RA Group, is targeting organizations in the manufacturing, finance, insurance and pharmaceuticals sectors, researchers at Cisco Talos said Monday. Within a week of its emergence on April 22, RA Group compromised three organizations in the U.S. and one in South Korea. The group listed its first three victims on its leak site on April 27 and added a fourth victim on April 28, according to Cisco Talos. READ MORE...

Stealthy MerDoor malware uncovered after five years of attacks

A new APT hacking group dubbed Lancefly uses a custom 'Merdoor' backdoor malware to target government, aviation, and telecommunication organizations in South and Southeast Asia. The Symantec Threat Labs revealed today that Lancefly has been deploying the stealthy Merdoor backdoor in highly targeted attacks since 2018 to establish persistence, execute commands, and perform keylogging on corporate networks. READ MORE...


Teltonika Vulnerabilities Could Expose Thousands of Industrial Organizations to Remote Attacks

Researchers at industrial cybersecurity companies Otorio and Claroty have teamed up to conduct a detailed analysis of products made by Teltonika and found potentially serious vulnerabilities that can expose many organizations to remote hacker attacks. Teltonika Networks is a Lithuania-based company that makes LTE routers, gateways, modems and other networking solutions that are used worldwide in the industrial, energy, utilities, smart city, transportation, enterprise, and retail sectors. READ MORE...

On This Date

  • ...in 1866, Congress introduces the five-cent nickel to replace the silver half-dime coin that had been in use since the 1790s.
  • ...in 1868, the Senate acquits President Andrew Johnson in his impeachment trial for high crimes and misdemeanors.
  • ...in 1929, the first Academy Awards are held at a private dinner party in Hollywood.
  • ...in 2011, the space shuttle Endeavour is launched from Kennedy Space Center for its 25th and final flight before being retired.