IT Security Newsletter - 5/24/2024
Almost all citizens of Dutch city have their personal data exposed
A data breach involving the Dutch city of Eindhoven left the personal information related to almost all of its citizens exposed. As Eindhovens Dagblad reports, two files containing the personal data of 221,511 inhabitants of Eindhoven were accessible to unauthorised parties for a period of time last year. Everyone who lives in the Netherlands has a citizen service number - a unique registration number that is used when dealing with the Dutch government and official bodies.
Casino cyberattacks put a bullseye on Scattered Spider - and the FBI is closing in
The cyberattacks against Las Vegas casinos over the summer put a big target on the backs of prime suspects Scattered Spider, according to Mandiant CTO Charles Carmakal. The Google-owned security biz has been tracking the loosely knit crew - believed to be teens and twenty-somethings located in the US and UK - since 2022 when they kicked off SIM swapping and social engineering attacks.
New Gift Card Scam Targets Retailers, Not Buyers, to Print Endless $$$
A Moroccan threat group has upgraded the classic gift card scam by targeting not retail customers but the systems that register the cards, allowing them to "print" money at will. Scammers have been using social engineering tactics to convince regular people to buy them gift cards for years. The playbook hasn't changed much over time, because it hasn't had to; it's as effective and profitable today as ever.
Google fixes eighth actively exploited Chrome zero-day this year
Google has released a new emergency security update to address the eighth zero-day vulnerability in Chrome browser confirmed to be actively exploited in the wild. The security issue was discovered internally by Google's Clément Lecigne and is tracked as CVE-2024-5274. It is a high-severity 'type confusion' in V8, Chrome's JavaScript engine responsible for executing JS code. "Google is aware that an exploit for CVE-2024-5274 exists in the wild," the company said in the security advisory.
JAVS courtroom recording software backdoored in supply chain attack
Attackers have backdoored the installer of widely used Justice AV Solutions (JAVS) courtroom video recording software with malware that lets them take over compromised systems. The company behind this software, also known as JAVS, says the digital recording tool currently has over 10,000 installations in many courtrooms, legal offices, correctional facilities, and government agencies worldwide.
Stalkerware App With Security Bug Discovered on Hotel Systems
A spyware app called pcTattletale was recently discovered tapping into the systems of several Wyndham hotels in the US. The app is described as "simple stalkerware" by Eric Daigle, who discovered it in the hotel chain's check-in systems when investigating consumer-grade spyware. The spyware was reportedly able to capture screenshots of the hotel booking systems, which included guest and customer information.
A root-server at the Internet's core lost touch with its peers. We still don't know why.
For more than four days, a server at the very core of the Internet's domain name system was out of sync with its 12 root server peers due to an unexplained glitch that could have caused stability and security problems worldwide. This server, maintained by Internet carrier Cogent Communications, is one of the 13 root servers that provision the Internet's root zone, which sits at the top of the hierarchical distributed database known as the domain name system, or DNS.
Stark Industries Solutions: An Iron Hammer in the Cloud
Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. An investigation into Stark Industries reveals it is being used as a global proxy network that conceals the true source of cyberattacks and disinformation campaigns against enemies of Russia.
Teslas can still be stolen with a cheap radio hack despite new keyless tech
For at least a decade, a car theft trick known as a "relay attack" has been the modern equivalent of hot-wiring: a cheap and relatively easy technique to steal hundreds of models of vehicles. A more recent upgrade to the radio protocol in cars' keyless entry systems known as ultra-wideband communications, rolled out to some high-end cars including the latest Tesla Model 3, has been heralded as the fix for that ubiquitous form of grand theft auto.
- ...in 1883, the Brooklyn Bridge is opened over the East River in New York City, after 14 years of construction.
- ...in 1935, the Cincinnati Reds beat the Philadelphia Phillies 2-1 in baseball's first-ever night game, played at Crosley Field in Cincinnati.
- ...in 1941, Germany's largest battleship, the Bismarck, sinks the pride of the British fleet, HMS Hood, during the Battle of the Atlantic.
- ...in 1963, novelist Michael Chabon ("The Amazing Adventures of Kavalier & Clay", "The Yiddish Policeman's Union") was born in Washington, D.C.