<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter

Get the latest headlines, summaries, and security news!

IT Security Newsletter - 5/20/2022

Breaches

Nikkei Says Customer Data Likely Impacted in Ransomware Attack

Asian media giant Nikkei has disclosed a ransomware attack that might have impacted customer data. Based in Tokyo, Nikkei, Inc. is a media company specialized in business, financial, and industry news, and which owns Financial Times and The Nikkei. With a daily circulation of over 3 million, The Nikkei is the world's largest financial newspaper. On Thursday, Nikkei announced that a server at its headquarters in Singapore was infected with ransomware last week. READ MORE...

Hacking

DoJ Won't Charge 'Good Faith' Security Researchers

The US Department of Justice announced this week that it has revised a policy that explicitly states it will not charge security researchers with violations of the Computer Fraud and Abuse Act (CFAA). The new guidance recognizes "good faith" security research done to promote safety and not carried out in a way that causes harm. The new policy, effective immediately, replaces the previous CFAA charging policy from 2014, the DOJ said. READ MORE...

Software Updates

Microsoft emergency updates fix Windows AD authentication issues

Microsoft has released emergency out-of-band (OOB) updates to address Active Directory (AD) authentication issues after installing Windows Updates issued during the May 2022 Patch Tuesday on domain controllers. The company has been working on a fix for this known issue causing authentication failures for some Windows services since May 12. The OOB Windows updates released today are available only via the Microsoft Update Catalog and will not be offered through Windows Update. READ MORE...

Malware

Conti ransomware shuts down operation, rebrands into smaller units

The notorious Conti ransomware gang has officially shut down their operation, with infrastructure taken offline and team leaders told that the brand is no more. The notorious Conti ransomware gang has officially shut down their operation, with infrastructure taken offline and team leaders told that the brand is no more. While public-facing 'Conti News' data leak and the ransom negotiation sites are still online, the Tor admin panels are now offline. READ MORE...

Exploits/Vulnerabilities

Majority of Kubernetes API Servers Exposed to the Public Internet

Researchers with Shadowserver Foundation have discovered more than 380,000 open Kubernetes API servers exposed on the Internet. That represents 84% of all global Kubernetes API instances observable online. The research was conducted across IPv4 infrastructure using HTTP GET requests. The researchers didn't do any intrusive checks to figure out exactly the level of exposure that the servers exhibited, but the findings suggest potential trouble across this landscape. READ MORE...


Two business-grade Netgear VPN routers have security vulnerabilities that can't be fixed

Netgear has admitted that multiple security vulnerabilities in its business-grade BR200 and BR500 VPN routers can't be fixed due to technical limitations outside of their control, and is offering users a free or discounted replacement router. Netgear's BR200 and BR500 VPN routers are marketed as remote networking solutions for small to medium-size businesses and home offices, and provide features such as a site-2-site VPN connection, a firewall, remote configuration and monitoring, and more. READ MORE...

Encryption

The flip side of the coin: Why crypto is catnip for criminals

Wherever you look these days, cryptocurrencies are in the news. And it's not just because of the recent slump in their prices. Everybody seems to have grabbed a slice of the crypto pie over the past few years, as 'things' like Bitcoin have gone from fringe curiosities to household names in a span of a decade, all while giving rise to hordes of newly-minted crypto millionaires. These days, it feels like you're either in or you're out (and left behind by the crypto revolution and the gold rush). READ MORE...

On This Date

  • ...in 1873, Levi Strauss and Jacob Davis receive a patent for rugged work pants with riveted seams, better known today as Levi's 501 blue jeans.
  • ...in 1899, Jacob German, operator of a taxicab for the Electric Vehicle Company, becomes the first driver to be arrested for speeding. He is driving 12 mph.
  • ...in 1911, comics and sci-fi writer Gardner Fox, the creator of The Flash and the Justice League of America, is born in Brooklyn, NY.
  • ...in 1927, Charles Lindbergh takes off in his custom-built plane, The Spirit of St. Louis, for the first-ever solo transatlantic flight