IT Security Newsletter

IT Security Newsletter - 5/31/2024

Written by Cadre | Fri, May 31, 2024

Information of Hundreds of European Politicians Found on Dark Web

The email addresses and other information of hundreds of British, French and European Parliament politicians can be found on dark web marketplaces, according to privacy-focused solutions provider Proton. As part of a study conducted by Proton in collaboration with Constella Intelligence, the dark web was searched for nearly 2,300 official government email addresses belonging to members of the British, French and European Parliaments. READ MORE...

Mystery malware destroys 600,000 routers from a single ISP during 72-hour span

One day last October, subscribers to an ISP known as Windstream began flooding message boards with reports their routers had suddenly stopped working and remained unresponsive to reboots and all other attempts to revive them. "The routers now just sit there with a steady red light on the front," one user wrote, referring to the ActionTec T3200 router models Windstream provided to both them and a next door neighbor. "They won't even respond to a RESET." READ MORE...

BBC Data Breach Impacts 25,000 Employees

The BBC is informing current and former employees about a data breach discovered by its information security team. The UK media giant said it detected a "data security incident" involving files that stored information on BBC Pension Scheme members. The files, copied by an unidentified entity from a cloud storage service, included information such as names, National Insurance numbers, home addresses, and dates of birth. READ MORE...

Cooler Master confirms customer info stolen in data breach

Computer hardware manufacturer Cooler Master has confirmed that it suffered a data breach on May 19, allowing a threat actor to steal customer data. Cooler Master is a popular computer hardware manufacturer known for their cooling devices, computer cases, power supplies, and other peripherals. BleepingComputer reported yesterday that a threat actor known as 'Ghostr' told us they hacked the company's Fanzone website on May 18 and downloaded its linked databases. READ MORE...

FlyingYeti phishing crew grounded after abominable Ukraine attacks

Cloudflare's threat intel team claims to have thwarted a month-long phishing and espionage attack targeting Ukraine which it has attributed to Russia-aligned gang FlyingYeti. While this crew typically targets the Ukrainian military, this phishing expedition went after financially strapped citizens who had benefited from a government moratorium on evictions and utility disconnections for unpaid debt, which ended in January. READ MORE...

US Treasury says NFTs 'highly susceptible' to fraud, but ignored by high-tier criminals

The US Treasury Department has assessed the risk of non-fungible tokens (NFTs) being used for illicit finance, and has found them wanting for lack of proper roadblocks preventing illegal applications. In a report published on Wednesday, the Treasury Department concluded that NFTs "are highly susceptible to use in fraud and scams," and that inadequate cybersecurity and protections on NFT platforms makes it easy for cybercriminals to steal the once-popular digital assets. READ MORE...

Pirated Microsoft Office delivers malware cocktail on systems

Cybercriminals are distributing a malware cocktail through cracked versions of Microsoft Office promoted on torrent sites. The malware delivered to users includes remote access trojans (RATs), cryptocurrency miners, malware downloaders, proxy tools, and anti-AV programs. AhnLab Security Intelligence Center (ASEC) has identified the ongoing campaign and warns about the risks of downloading pirated software. READ MORE...

House Republican sounds the alarm on threats to food and agriculture sector

A top Republican on the House Agriculture Committee warned Thursday about increasing cybersecurity threats to food and agriculture due to growing reliance on technology and a lack of direction by the agency in charge of overseeing the sector. Rep. Brad Finstad, a Minnesota Republican and farmer, noted that people may not be aware just how high-tech agriculture has become over the years in pursuit of increased efficiency. READ MORE...

Law enforcement operation takes aim at an often-overlooked cybercrime linchpin

An international cast of law enforcement agencies has struck a blow at a cybercrime linchpin that's as obscure as it is instrumental in the mass-infection of devices: so-called droppers, the sneaky software that's used to install ransomware, spyware, and all manner of other malware. Europol said Wednesday it made four arrests, took down 100 servers, and seized 2,000 domain names that were facilitating six of the best-known droppers. READ MORE...

Okta Warns Once Again of Credential-Stuffing Attacks

For the second time in just more than a month, identity management service provider Okta is warning of credential-stuffing attacks, this time against the cross-origin authentication feature of its Customer Identity Cloud (CIC) authentication offering. The "suspicious activity" started on April 15, when Okta observed that the endpoints used to support CIC's cross-origin authentication feature first being attacked for "a number of our customers." READ MORE...

  • ...in 1927, the last Ford Model T is manufactured.
  • ...in 1930, actor/director Clint Eastwood ("A Fistful of Dollars", "Unforgiven") is born in San Francisco, CA.
  • ...in 1964, hip hop pioneer and Run-D.M.C. co-founder Darryl McDaniels (AKA D.M.C.) is born in Harlem, New York City.
  • ...in 2005, Vanity Fair reveals former FBI Associate Director Mark Felt as the crucial Watergate scandal informant "Deep Throat".