IT Security Newsletter

IT Security Newsletter - 5/7/2021

Written by Cadre | Fri, May 7, 2021

US physics lab Fermilab exposes proprietary data for all to see

Multiple unsecured entry points allowed researchers to access data belonging to Fermilab, a national particle physics and accelerator lab supported by the Department of Energy. This week, security researchers Robert Willis, John Jackson, and Jackson Henry of the Sakura Samurai ethical hacking group have shared details on how they were able to get their hands on sensitive systems and data hosted at Fermilab.

Critical Cisco SD-WAN, HyperFlex Bugs Threaten Corporate Networks

Cisco has addressed two critical security vulnerabilities in the SD-WAN vManage Software, one of which could allow an unauthenticated attacker to carry out remote code execution (RCE) on corporate networks or steal information. The networking giant also disclosed a denial-of-service issue in vManage, and locally exploitable bugs that would allow an authenticated attacker to escalate privileges or gain unauthorized access to applications.

Intrusion Truth details work of suspected Chinese hackers who are under indictment in US

Intrusion Truth, a mysterious group known for exposing suspected Chinese cyber-espionage operations, on Thursday published a new investigation that traced front companies allegedly used by two Chinese men whom a U.S. grand jury indicted last year. The findings shed light on a dynamic that U.S. law enforcement officials say is increasingly common: foreign intelligence services' use of front companies to try to conceal their hacking operations.

New Moriya rootkit used in the wild to backdoor Windows systems

An unknown threat actor used a new stealthy rootkit to backdoor targeted Windows systems in what looks like an ongoing espionage campaign dubbed TunnelSnake going back to at least 2018. Rootkits are malicious tools designed to evade detection by burying deep into the operating system and used by attackers to fully take over infected systems while avoiding detection.

Ryuk Ransomware Attack Sprung by Frugal Student

A European biomolecular research institute involved in COVID-19 research lost a week's worth of research data, all thanks to a Ryuk ransomware attack traced back to a student trying to save money by buying unlicensed software. Security researchers at Sophos described the attack in a report published on Thursday, after the security firm's Rapid Response team was called in to mop up the mess.

NSA offers advice: connecting OT to the rest of the net can lead to "indefensible levels of risk"

The US Defense Department and third-party military contractors are being advised to strengthen the security of their operational technology (OT) in the wake of security breaches, such as the SolarWinds supply chain attack. The guidance comes from the NSA, which this week has issued a cybersecurity advisory entitled "Stop Malicious Cyber Activity Against Connected Operational Technology."

Google wants to enable multi-factor authentication by default

Google strives to push all its users to start using two-factor authentication (2FA), which can block attackers from taking control of their accounts using compromised credentials or guessing their passwords. "Soon we'll start automatically enrolling users in 2SV if their accounts are appropriately configured," as Mark Risher, Google's Director of Product Management, Identity and User Security, revealed today.

New TsuNAME DNS bug allows attackers to DDoS authoritative DNS servers

Attackers can use a newly disclosed domain name server (DNS) vulnerability publicly known as TsuNAME as an amplification vector in large-scale reflection-based distributed denial of service (DDoS) attacks targeting authoritative DNS servers. In simpler terms, authoritative DNS servers translate web domains to IP addresses and pass this info to recursive DNS servers that get queried by regular users' web browsers when trying to connect to a specific website.

Twitter Tip Jar may expose PayPal address, sparks privacy concerns

This week Twitter has begun experimenting with a new feature called 'Tip Jar,' which lets Twitter users tip select profiles to support their work. Twitter iOS and Android app users using Twitter in English can now send tips to a limited group of people around the world, including creators, journalists, experts, and nonprofits. However, the new feature has sparked multiple concerns among Twitter users: from the sender's PayPal shipping address getting exposed, to how "disputes" are handled.

80% of Net Neutrality Comments to FCC Were Fudged

Broadband providers and a 19-year-old college student were among those who successfully hijacked public comments during a crucial decision-making process in 2017 to overturn net neutrality by flooding the Federal Communications Commission (FCC) with fraudulent comments indicating their position on the move, according to a new report. Overall, the Office of the New York Attorney General (OAG) found that fake comments accounted for nearly 18 million of the more than 22 million comments the FCC received during its 2017 rulemaking.

  • ...in 1946, the Tokyo Telecommunications Engineering Corporation is founded in Japan. 12 years later, it would change its name to "Sony."
  • ...in 1952, English scientist Geoffrey Dummer publishes a paper with the first public description of an integrated circuit, the basis of all modern electronics.
  • ...in 1992, the Space Shuttle Endeavour is launched on its first mission, including the only three-person EVA ever attempted.
  • ...in 1998, Mercedes-Benz buys Chrysler for $40 billion, forming DaimlerChrysler.