IT Security Newsletter

IT Security Newsletter - 5/28/2024

Written by Cadre | Tue, May 28, 2024

SEC fines NYSE's parent $10M for failing to report cyberattack

The Intercontinental Exchange agreed to pay a $10 million fine to settle charges that it caused nine wholly-owned subsidiaries - including the New York Stock Exchange which it owns - to violate a rule which required them to notify the Securities and Exchange Commission of a "cyber intrusion" within 24 hours unless it was immediately determined that the act would have no or a "de minimis" impact on operations or market participants, the SEC announced Wednesday. READ MORE...

Sav-Rx discloses data breach impacting 2.8 million Americans

Prescription management company Sav-Rx is warning over 2.8 million people in the United States that it suffered a data breach, stating that their personal data was stolen in a 2023 cyberattack. A&A Services, doing business as Sav-RX, is a pharmacy benefit management (PBM) company that provides prescription drug management services to employers, unions, and other organizations across the U.S. READ MORE...

Christie's Confirms Data Breach After Ransomware Group Claims Attack

Auction house Christie's has confirmed suffering a data breach after a ransomware group on Monday threatened to leak information stolen from the company. Christie's website went offline earlier this month due to what the company described at the time as a "technology security incident". The cyberattack was launched just as the auction house was attempting to sell high-value items worth an estimated $840 million. READ MORE...

Cencora data breach exposes US patient info from 11 drug companies

Some of the largest drug companies in the world have disclosed data breaches due to a February 2024 cyberattack at Cencora, whom they partner with for pharmaceutical and business services. Cencora, formerly AmerisourceBergen, is a pharmaceutical services provider specializing in drug distribution, specialty pharmacy, consulting, and clinical trial support. The Pennsylvania-based firm, with a presence in 50 countries, employs 46,000 people and has a revenue (2023) of $262 billion. READ MORE...

Best Buy and Geek Squad were most impersonated orgs by scammers in 2023

The Federal Trade Commission (FTC) has shared data on the most impersonated companies in 2023, which include Best Buy, Amazon, and PayPal in the top three. The federal agency detailed the top ten companies scammers impersonate and how much they make depending on the impersonation. By far the most impersonated corp was Best Buy and its repair business Geek Squad, with a total of 52k reports. Amazon impersonators came in second place with 34k reports, and PayPal a distant third with 10,000. READ MORE...

Potent youth cybercrime ring made up of 1,000 people, FBI official says

An aggressive, nebulous ring of young cybercriminals linked to a string of recent high-profile breaches is made up of approximately 1,000 people, a senior FBI official said Friday. In remarks Friday at the cybercrime-focused Sleuthcon conference, Bryan Vorndran, assistant director of the FBI's Cyber Division, described the group best known as Scattered Spider as a "very, very large, expansive, disbursed group of individuals," many of whom don't know each other directly. READ MORE...

Newly discovered ransomware uses BitLocker to encrypt victim data

A previously unknown piece of ransomware, dubbed ShrinkLocker, encrypts victim data using the BitLocker feature built into the Windows operating system. BitLocker is a full-volume encryptor that debuted in 2007 with the release of Windows Vista. Users employ it to encrypt entire hard drives to prevent people from reading or modifying data in the event they get physical access to the disk. READ MORE...

Attackers are probing Check Point Remote Access VPN devices

Attackers are trying to gain access to Check Point VPN devices via local accounts protected only by passwords, the company has warned on Monday. Their ultimate goal is to use that access to discover and pivot to other enterprise assets and users, and gain persistence in enterprise environments. In mid-April 2024, Cisco Talos warned about a global increase in brute-force attacks against VPN services, web application authentication interfaces and SSH services. READ MORE...

  • ...in 1588, A massive Spanish fleet, known as the "Invincible Armada", sets sail from Lisbon on a mission to secure control of the English Channel.
  • ...in 1892, naturalist John Muir organizes the Sierra Club.
  • ...in 1910, blues guitarist Aaron Thibeaux Walker, AKA "T-Bone" Walker, is born in Linden, TX.
  • ...in 1987, West German teenager Matthias Rust takes off from Helsinki in a small aircraft, makes an unauthorized 400-mile flight through Soviet airspace, and lands in Red Square.