IT Security Newsletter - 5/6/2024
GAO: NASA Faces 'Inconsistent' Cybersecurity Across Spacecraft
NASA has gone some way to addressing its cybersecurity challenges, according to a government watchdog, but, it says, too many of its security policies and standards are still optional. The US Government Accountability Office (GAO) recently completed a review of three NASA projects: the Gateway Power and Propulsion Element, the Orion Multi-Purpose Crew Vehicle, and the Spectro-Photometer for the History of the Universe, Epoch of Reionization and Ices Explorer (SPHEREx). READ MORE...
City of Wichita Shuts Down Network Following Ransomware Attack
The City of Wichita, Kansas, on Sunday announced that it has shut down its computer network after falling victim to a ransomware attack. The disruptive incident occurred on May 5, when data on certain systems was encrypted by malware, prompting Wichita to turn off some of its systems, as a containment measure, with impact on certain online services. "We turned off our computer network. Wichita said details on the matter will be provided as the investigation into the incident advances. READ MORE...
French Cyberwarriors Ready to Test Their Defense Against Hackers and Malware During the Olympics
Just like the Olympic athletes, the cyberwarriors that will be crucial for the success of the Paris Games are deep into training for the big event. They have turned to friendly hackers to probe their cyberdefenses, like boxers who use sparring partners to ready them for a championship fight. They have studied and analyzed the strengths, tactics and weaknesses of their opponents. Those could be anyone from teenage showoffs and ransomware gangs to Russian military hackers. READ MORE...
Adding insult to injury: crypto recovery scams
It's a nightmare scenario for any cryptocurrency user. You fall victim to a crypto scam or cyberattack, resulting in stolen funds. You feel regret and shame - not to mention anger over the monetary loss. Unfortunately for many victims, this isn't where the story ends. Imagine an even worse outcome: you are approached by someone or see an advert offering cryptocurrency recovery services. But instead of getting your funds back, all they do is make off with the upfront fee you paid them. READ MORE...
BlackBasta claims Synlab attack, leaks some stolen documents
The BlackBasta ransomware / cyber extortion gang is behind the recent cyber attack that resulted in the temporary shutdown of operations at Synlab Italia. The group claimed the attack on their leak site on Saturday and says they have exfiltrated approximately 1.5 TB of company and customer data, employees' personal documents, as well as the results of customers' medical tests. The group threatens to leak the stolen data if the ransom isn't paid by May 11. READ MORE...
Finland warns of Android malware attacks breaching bank accounts
Finland's Transport and Communications Agency (Traficom) is warning about an ongoing Android malware campaign attempting to breach online bank accounts. The agency has highlighted multiple cases of SMS messages written in Finnish that instruct recipients to call a number. The scammer who answers the call instructs victims to install a McAfee app for protection. READ MORE...
You get a passkey, you get a passkey, everyone should get a passkey
Microsoft is rolling out passkey support for all consumer accounts. Passkeys are a very secure replacement for passwords that can't be cracked, guessed or phished, and let you log in easily, without having to type a password every time. After enabling them in Windows 11 last year, Microsoft account owners can now generate passkeys across multiple platforms including Windows, Android, and iOS. READ MORE...
Microsoft plans to lock down Windows DNS like never before. Here's how.
Translating human-readable domain names into numerical IP addresses has long been fraught with gaping security risks. After all, lookups are rarely end-to-end encrypted. The servers providing domain name lookups provide translations for virtually any IP address-even when they're known to be malicious. And many end-user devices can easily be configured to stop using authorized lookup servers and instead use malicious ones. READ MORE...
Critical GitLab Bug Under Exploit Enables Account Takeover, CISA Warns
A critical security vulnerability in GitLab is under active attack, according to CISA. It allows bad actors to send password reset emails for any account to an email address of their choice, thus paving the way for account takeover. "This will allow attackers to reset the password just as if they were a user that had legitimately forgotten theirs," says Erich Kron, security awareness advocate at KnowBe4. "From there, the account would belong to the bad actors." READ MORE...