IT Security Newsletter - 6/12/2020
Fortune 500 insurance firm Genworth discloses data breach
Fortune 500 insurance holding company Genworth Financial disclosed a data breach after an unauthorized party gained access to insurance agents' online accounts using compromised login credentials. The U.S. mortgage and long-term care insurer had revenue of $8.6 billion during the last fiscal year, and it reached a deal with China Oceanwide Holdings Group that will allow the Chinese company to buy Genworth for $2.7 billion.
Alabama City to Pay $300,000 Ransom in Computer System Hack
A city in northern Alabama will pay a ransom worth $300,000 in Bitcoins in response to a hack of its computer system. Florence City Council voted unanimously at an emergency meeting Wednesday evening to make the payment from the city's insurance fund in an effort to preserve information tied to its city workers and customers, news outlets reported. Mayor Steve Holt said the city was contacted May 26 with information that its computer system had been compromised.
Russia-linked Gamaredon hacker crew using Microsoft's Visual Basic for Applications to pwn Microsoft's Outlook
Security researchers claim to have uncovered "several previously undocumented post-compromise tools" used by a Russia-linked APT to target Microsoft Office and Outlook through Visual Basic for Applications. In a statement about its findings, Slovakian infosec biz ESET said the tools "inject malicious macros or references to remote templates into existing documents on the attacked system, which is a very efficient way of moving within an organization's network, as documents are routinely shared amongst colleagues."
Kubernetes Falls to Cryptomining via Machine-Learning Framework
A unique cyberattack campaign that targets Kubeflow, a machine-learning toolkit for Kubernetes, has affected large swathes of container clusters, according to Microsoft. The Kubeflow open-source project is a popular framework for running machine-learning (ML) tasks in Kubernetes. According to an analysis this week, a suspicious Kubeflow image was seen deployed to thousands of clusters in April, all from a single public repository.
Facebook paid for a 0-day to help FBI unmask child predator
Facebook paid a cybersecurity firm six figures to develop a zero-day in a Tor-reliant operating system in order to unmask a man who spent years sextorting hundreds of young girls, threatening to shoot or blow up their schools if they didn't comply, Motherboard's Vice has learned. We already knew from court documents that the FBI tricked the man into opening a booby-trapped video that exposed his IP address. What we didn't know until now is that the exploit was custom-crafted at Facebook's behest and at its expense.
Critical Vulnerabilities Expose Siemens LOGO! Controllers to Attacks
Siemens' LOGO! programmable logic controllers (PLCs) are affected by critical vulnerabilities that can be exploited remotely to launch denial-of-service (DoS) attacks and modify the device's configuration. According to Siemens, the vulnerabilities impact all versions of its LOGO!8 BM devices, which are designed for basic control tasks. SIPLUS versions, which are meant for use in extreme conditions, are also affected.
- ...in 1963, civil rights activist Medgar Evers is assassinated in the driveway of his home in Jackson, MS.
- ...in 1965, the Supremes song "Back in My Arms Again" becomes their 5th consecutive single to reach #1.
- ...in 1987, President Reagan gives his famous "Tear down this wall" speech in West Berlin.
- ...in 2011, Corvette wins both GT classes in the 24 Hours of Le Mans on Chevrolet's 100th birthday.