<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 5/2/2024

SHARE

Top News

Russian Hackers Target Industrial Systems in North America, Europe

Government agencies from the United States, Canada and the United Kingdom are providing recommendations to critical infrastructure organizations following a series of attacks launched by apparent pro-Russia hacktivists against industrial control systems (ICS) and other operational technology (OT) systems. A fact sheet authored by the cybersecurity agency CISA and its partners reveals that hacktivist groups have been attempting to compromise ICS and OT systems in North America and Europe. READ MORE...

Breaches

Dropbox says attackers accessed customer and MFA info, API keys

File hosting service Dropbox has confirmed that attackers have breached the Dropbox Sign production environment and accessed customer personal and authentication information. "From a technical perspective, Dropbox Sign's infrastructure is largely separate from other Dropbox services. That said, we thoroughly investigated this risk and believe that this incident was isolated to Dropbox Sign infrastructure, and did not impact any other Dropbox products," the company shared on Wednesday. READ MORE...


Panda Restaurants discloses data breach after corporate systems hack

Panda Restaurant Group, the parent company of Panda Express, Panda Inn, and Hibachi-San, disclosed a data breach after attackers compromised its corporate systems in March and stole the personal information of an undisclosed number of associates. Panda Express is the largest Chinese fast food chain in the United States, with over $3 billion in sales and 47,000 associates working in 2,300 branches. READ MORE...

Hacking

Hacker free-for-all fights for control of home and office routers everywhere

Cybercriminals and spies working for nation-states are surreptitiously coexisting inside compromised name-brand routers as they use the devices to disguise attacks motivated both by financial gain and strategic espionage, researchers said. In some cases, the coexistence is peaceful, as financially motivated hackers provide spies with access to already compromised routers in exchange for a fee, researchers from security firm Trend Micro reported Wednesday. READ MORE...


Iranian hackers impersonate journalists in social engineering campaign

A hacking group linked to the intelligence wing of Iran's Revolutionary Guard Corps impersonated journalists and human rights activists as part of a social engineering campaign, according to research released Wednesday by Mandiant and Google Cloud. The news organizations impersonated in the operation include The Washington Post, The Economist and The Jerusalem Post, and Mandiant's researchers assess that the campaign was carried out by the hacking crew known as APT42. READ MORE...

Malware

New SOHO router malware aims for cloud accounts, internal company resources

Cuttlefish, a new malware family that targets enterprise-grade small office/home office (SOHO) routers, is used by criminals to steal account credentials / secrets for AWS, CloudFlare, Docker, BitBucket, Alibaba Cloud and other cloud-based services. "With the stolen key material, the actor not only retrieves cloud resources associated with the targeted entity but gains a foothold into that cloud ecosystem, " Black Lotus Labs researchers noted. READ MORE...

Information Security

'DuneQuixote' Shows Stealth Cyberattack Methods Are Evolving. Can Defenders Keep Up?

If a recent wily cyber-espionage campaign against Middle Eastern government entities is any indication, cyber defenders will need to upgrade their malware detection capabilities soon. Cybersecurity, the trope goes, is a cat-and-mouse game. Companies move to Linux and macOS, so attackers follow them there. Attackers deliver malware in phishing attachments, so Microsoft blocks Internet macros, so attackers adjust. READ MORE...

Exploits/Vulnerabilities

1,400 GitLab Servers Impacted by Exploited Vulnerability

A critical vulnerability in GitLab's email verification process, which can lead to password hijacking, is being exploited in the wild, the US cybersecurity agency CISA warns. Tracked as CVE-2023-7028 (CVSS score of 10/10), the flaw allows for password reset messages to be sent to email addresses that have not been verified, enabling attackers to hijack the password reset process and take over accounts. READ MORE...

On This Date

  • ...in 1918, General Motors acquires the Chevrolet Motor Car Company.
  • ...in 1929, classic rock guitarist/songwriter Link Wray (best known for his instrumental "Rumble") is born in Dunn, NC.
  • ...in 1972, professional wrestler/action star Dwayne "The Rock" Johnson is born in Hayward, CA.
  • ...in 2011, Al-Qaeda mastermind Osama bin Laden is shot and killed by Navy SEAL Team 6 in a raid on his compound in Abbottabad, Pakistan.