IT Security Newsletter

IT Security Newsletter - 5/2/2023

Written by Cadre | Tue, May 2, 2023

T-Mobile Says Personal Information Stolen in New Data Breach

US wireless carrier T-Mobile is informing some customers that their personal information was compromised in a recent data breach. After being alerted to unauthorized activity on its systems, the company discovered that a malicious actor had access to a "small number" of T-Mobile accounts between late February and March 2023. According to the wireless carrier, no personal financial account information or call records were compromised in the incident.

Medusa ransomware gang leaks students' psychological reports and abuse allegations

Students and teachers at the Minneapolis Public School (MPS) District, which suffered a huge ransomware attack at the end of February, have had highly sensitive information about themselves published on the web, including allegations of abuse by teachers and psychological reports. MPS initially said that it had refused to pay a US $1 million ransom to its extortionists, and that it had successfully restored its encrypted systems via backups.

IT giant Bitmarck shuts down customer, internal systems after cyberattack

German IT services provider Bitmarck has shut down all of its customer and internal systems, including entire datacenters in some cases, following a cyberattack. The company, one of the largest service providers for German health insurers, said no customer, patient, or insured individuals' data had been accessed in the security breach - at least not according to "the current state of knowledge," according to an April 30 update posted on its temporary website.

US Wellness Provides Notification of Data Security Incident

US Wellness has learned of a data security incident that may have involved personal and/or protected health information belonging to members of its wellness clients. US Wellness has sent notification letters to potentially involved individuals to notify them about this incident and provide resources to assist them. On January 31, 2023, US Wellness' vendor experienced a security incident that disrupted access to certain systems.

Leaked Files Show Extent of Ransomware Group's Access to Western Digital Systems

A ransomware group has leaked files showing the extent of their access to Western Digital systems and it appears that the hackers were closely monitoring the company's initial response to the breach from within its network. The digital storage giant announced a service outage on April 2 and the next day it confirmed that the cause was a cyberattack. The company at the time admitted that the hackers had gained access to some data, but it did not share any details.

APT28 Employs Windows Update Lures to Trick Ukrainian Targets

The Russia-linked APT28 hacking group targeted Ukrainian government bodies in a spear-phishing campaign that uses phony "Windows Update" guides. In April, CERT-UA observed malicious emails being sent on Microsoft Outlook from what appeared to be system administrators at government bodies - with a subject line that read "Windows Update." The emails sought to trick the recipients into "launching a command line and executing a PowerShell command."

Apple delivers first-ever Rapid Security Response "cyberattack" patch - leaves some users confused

We've written about the uncertainty of Apple's security update process many times before. We've had urgent updates accompanied by email notifications that warned us of zero-day bugs that needed fixing right away, because crooks were already onto them, but without even the vaguest description of what sort of criminals, and what they were up to, which would at least help to round out the story.

CISA Warns of Attacks Exploiting Oracle WebLogic Vulnerability Patched in January

The US Cybersecurity and Infrastructure Security Agency (CISA) has added three vulnerabilities to its known exploited vulnerabilities catalog, including an Oracle WebLogic flaw patched by the vendor in January. There do not appear to be any public reports describing exploitation of the WebLogic vulnerability. The security hole, tracked as CVE-2023-21839, can be exploited for remote code execution, allowing an attacker to take complete control of the targeted server.

  • ...in 1918, General Motors acquires the Chevrolet Motor Car Company.
  • ...in 1929, classic rock guitarist/songwriter Link Wray (best known for his instrumental "Rumble") is born in Dunn, NC.
  • ...in 1972, professional wrestler/action star Dwayne "The Rock" Johnson is born in Hayward, CA.
  • ...in 2011, Al-Qaeda mastermind Osama bin Laden is shot and killed by Navy SEAL Team 6 in a raid on his compound in Abbottabad, Pakistan.