IT Security Newsletter - 5/26/2022

Written by Cadre | Thu, May 26, 2022

Alleged Cybercrime Ringleader Arrested in Nigeria

An unnamed Nigerian man has been arrested over his alleged role leading a cybercrime group that specialized in phishing and business email compromise (BEC). The arrest, announced on Wednesday by Interpol, is the result of an international operation involving law enforcement and several cybersecurity companies. In December 2021, Nigerian police arrested 11 people believed to be involved in BEC schemes.

Millions of people's info stolen from MGM Resorts dumped on Telegram for free

Miscreants have dumped on Telegram more than 142 million customer records stolen from MGM Resorts, exposing names, postal and email addresses, phone numbers, and dates of birth for any would-be identity thief. The vpnMentor research team stumbled upon the files, which totaled 8.7 GB of data, on the messaging platform earlier this week, and noted that they "assume at least 30 million people had some of their data leaked." MGM Resorts did not respond to The Register's request for comment.

Hacker says hijacking libraries, stealing AWS keys was ethical research

Yesterday, developers took notice of two hugely popular libraries, the Python library 'ctx' and the PHP library 'PHPass', that had been hijacked, as first reported in the news by BleepingComputer. Both of these legitimate open source projects had been altered to steal developers' AWS credentials. Considering 'ctx' and 'PHPass' have together garnered over 3 million downloads over their lifetimes, the incident sparked much panic and discussion among developers.

DDoS Extortion Attack Flagged as Possible REvil Resurgence

Concern has been raised that a coordinated distributed denial-of-service (DDoS) attack from a malicious actor could be associated with the notorious ransomware-as-a-service (RaaS) group REvil. According to a report from Akamai's Security Intelligence Response Team (SIRT), the attack was aimed at one of Akamai's hospitality customers. It consisted of a simple HTTP GET request, with a message demanding payment to a Bitcoin (BTC) wallet in exchange for stopping the attack.

Zoom Patches 'Zero-Click' RCE Bug

Zoom patched a medium-severity flaw, advising Windows, macOS, iOS and Android users to update their client software to version 5.10.0. Google Project Zero security researcher Ivan Fratric noted in a report that an attacker can exploit a victim's machine over a Zoom chat. The bug, tracked as CVE-2022-22787, has a CVSS severity rating of 5.9. "User interaction is not required for a successful attack. The only ability an attacker needs is to be able to send messages to the victim," Ivan explained.

New ERMAC 2.0 Android malware steals accounts, wallets from 467 apps

The ERMAC Android banking trojan has released version 2.0, increasing the number of applications targeted from 378 to 467, covering a much wider range of apps to steal account credentials and crypto wallets. The goal of the trojan is to send stolen login credentials to threat actors, who then use them to take control of other people's banking and cryptocurrency accounts and conduct financial or other forms of fraud.

Ransomware demands acts of kindness to get your files back

The great thing about working in the world of cybersecurity is that there's always something new. You may think you've seen it all, and then something comes along that completely surprises you. And that's certainly true of the GoodWill ransomware, which security firm CloudSEK described this week. In fact, the GoodWill ransomware stands out so much from the crowd that you might be forgiven for thinking that it is an April Fool's joke that has somehow broken out at the wrong time of year.

Critical Vulnerabilities Found in Open Automation Software Platform

Cisco's Talos research and threat intelligence unit revealed on Wednesday that one of its employees discovered several critical and high-severity vulnerabilities in the Open Automation Software Platform. Open Automation Software is a US-based company that provides connectivity solutions for ICS or IoT devices, databases, and custom applications. The firm says its solutions are used by some of the world's biggest companies, including in the energy, defense, aerospace, healthcare, and water sectors.

  • ...in 1864, President Lincoln signs an act establishing the Montana Territory.
  • ...in 1868, the U.S. Senate narrowly fails to convict President Andrew Johnson of the impeachment charges levied against him by the House.
  • ...in 1953, "It Came from Outer Space", the first science fiction film to be screened in 3-D, debuts in Los Angeles.
  • ...in 1959, Harvey Haddix of the Pittsburgh Pirates pitches 12 perfect innings against the Milwaukee Braves, only to lose the game.