<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 5/31/2022

SHARE

Top News

Zero-Day 'Follina' Bug Lays Microsoft Office Open to Attack

A zero-day vulnerability in Microsoft Office allows adversaries to run malicious code on targeted systems via a flaw a remote Word template feature. The warning comes from Japanese security vendor Nao Sec, which tweeted a warning about the zero day over the weekend. Noted security researcher Kevin Beaumont dubbed the vulnerability "Follina", explaining the zero day code references the Italy-based area code of Follina - 0438. READ MORE...

Breaches

US college VPN credentials for sale on Russian crime forums, FBI says

The FBI on Friday said that thousands of compromised credentials harvested from US college and university networks are circulating on online crime forums in Russia and elsewhere-and could lead to breaches that install ransomware or steal data. "The FBI is informing academic partners of identified US college and university credentials advertised for sale on online criminal marketplaces and publicly accessible forums," the agency said. READ MORE...


Hacker steals Verizon employee database after tricking worker into granting remote access

A database of contact information for hundreds of Verizon employees is in the hands of cybercriminals, after a member of staff was duped into granting a hacker access to their work PC. The revelation of a data breach comes from security journalist Lorenzo Franceschi-Bicchierai of Vice, who describes how an anonymous hacker contacted him earlier this month to brag about what they had achieved. READ MORE...

Hacking

The mystery of China's sudden warnings about US hackers

For the best part of a decade, US officials and cybersecurity companies have been naming and shaming hackers they believe work for the Chinese government. These hackers have stolen terabytes of data from companies like pharmaceutical and video game firms, compromised servers, stripped security protections, and highjacked hacking tools, according to security experts. And as China's alleged hacking has grown more brazen, individual Chinese hackers face indictments. However, things may be changing. READ MORE...


Italy warns organizations to brace for incoming DDoS attacks

Italy's Computer Security Incident Response Team (CSIRT) has issued an urgent alert to raise awareness about the high risk of cyberattacks against national entities on Monday. The type of cyberattack the Italian organization refers to is DDoS (distributed denial-of-service), which may not be catastrophic but can still cause damage, financial or otherwise, due to service outages and disruptions. READ MORE...

Malware

EnemyBot malware adds exploits for critical VMware, F5 BIG-IP flaws

EnemyBot, a botnet based on code from multiple malware pieces, is expanding its reach by quickly adding exploits for recently disclosed critical vulnerabilities in web servers, content management systems, IoT, and Android devices. The botnet was first discovered in March by researchers at Securonix and by April, when analysis of newer samples emerged from Fortinet, EnemyBot had already integrated flaws for more than a dozen processor architectures. READ MORE...


ChromeLoader Malware Hijacks Browsers With ISO Files

The browser-hijacking malware known as ChromeLoader is becoming increasingly widespread and growing in sophistication, according to two advisories released this week. It poses a big threat to business users. ChromeLoader is a sophisticated malware that uses PowerShell, an automation and configuration management framework, to inject itself into the browser and add a malicious extension. READ MORE...


Ransomware attack sends US county back to 1977

Somerset County, New Jersey, was hit by a ransomware attack this week that hobbled its ability to conduct business, and also cut off access to essential data. "Services that depend on access to county databases are temporarily unavailable, such as land records, vital statistics, and probate records. Title searches are possible only on paper records dated before 1977," the county said in a statement. READ MORE...

On This Date

  • ...in 1927, the last Ford Model T is manufactured.
  • ...in 1930, actor/director Clint Eastwood ("A Fistful of Dollars", "Unforgiven") is born in San Francisco, CA.
  • ...in 1964, hip hop pioneer and Run-D.M.C. co-founder Darryl McDaniels (AKA D.M.C.) is born in Harlem, New York City.
  • ...in 2005, Vanity Fair reveals former FBI Associate Director Mark Felt as the crucial Watergate scandal informant "Deep Throat".