<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 6/14/2021

SHARE

Top News

REvil Hits US Nuclear Weapons Contractor: Report

Sol Oriens, a subcontractor for the U.S. Department of Energy (DOE) that works on nuclear weapons with the National Nuclear Security Administration (NNSA), last month was hit by a cyberattack that experts say came from the relentless REvil ransomware-as-a-service (RaaS) gang. The Albuquerque, N.M. company's website has been unreachable since at least June 3, but Sol Oriens officials confirmed to Fox News and to CNBC that the firm became aware of the breach sometime last month. READ MORE...

Breaches

Audi, Volkswagen data breach affects 3.3 million customers

Audi and Volkswagen have suffered a data breach affecting 3.3 million customers after a vendor exposed unsecured data on the Internet. Volkswagen Group of America, Inc. (VWGoA) is the North American subsidiary of the German Volkswagen Group. It is responsible for US and Canadian operations for Volkswagen, Audi, Bentley, Bugatti, Lamborghini, and VW Credit, Inc. READ MORE...


Intuit notifies customers of hacked TurboTax accounts

Financial software company Intuit has notified TurboTax customers that some of their personal and financial information was accessed by attackers following what looks like a series of account takeover attacks. In a breach notification letter sent to affected customers earlier this month, the company said that this was not a "systemic data breach of Intuit." READ MORE...

Hacking

McDonald's discloses hack of customer data in South Korea and Taiwan

Hackers recently breached the IT systems of McDonald's and accessed email addresses, phone numbers and delivery addresses for certain customers in South Korea and Taiwan, the fast food giant said Friday. "In the coming days, a few additional markets will take steps to address files that contained employee personal data," McDonald's said in an emailed statement. READ MORE...

Malware

Burgeoning ransomware gang Avaddon appears to shut down, mysteriously

A ransomware gang has apparently disappeared just as its fortunes were rising. Ransomware experts said Avaddon shut down as of Friday. The operators left no explanation for why they might have done so, and they're letting their remaining victims off the hook. Avaddon sent Bleeping Computer 2,934 decryption keys, after which the security firm Emsisoft produced a free, public decryption tool. READ MORE...

Information Security

The AN0M fake secure chat app may have been too clever for its own good

In April 1943, Japanese admiral Isoroku Yamamoto was killed when the US Air Force shot down the plane carrying him to Balalae Airfield in the Solomon Islands. The attack was made possible by the USA cracking Japanese codes and decrypting a message that revealed Yamamoto's flight plan would just take him within range of America's scarce long-range aircraft. READ MORE...

Exploits/Vulnerabilities

GitHub Discloses Details of Easy-to-Exploit Linux Vulnerability

GitHub this week disclosed the details of an easy-to-exploit Linux vulnerability that can be leveraged to escalate privileges to root on the targeted system. The flaw, classified as high severity and tracked as CVE-2021-3560, impacts polkit, an authorization service that is present by default in many Linux distributions. The security hole was discovered by Kevin Backhouse of the GitHub Security Lab. READ MORE...


ALPACA - the wacky TLS security vulnerability with a funky name

TLS, short for Transport Layer Security, is an important part of online cybersecurity these days. TLS is the data protection protocol that puts the padlock in your browser's address bar, keeps your email encrypted while it's being sent (probably), and prevents cybercrooks from casually substituting the software you download with malware and other nasties. So, whenever a vulnerability is announced in TLS, given how much we rely on it, the announcement typically makes big headlines. READ MORE...

On This Date

  • ...in 1777, the Continental Congress adopts "The Stars and Stripes" as the flag of the United States of America.
  • ...in 1900, Hawaii becomes a United States territory.
  • ...in 1942, Anne Frank begins writing in the diary she received for her 13th birthday.
  • ...in 1951, UNIVAC I, the first US-produced commercial computer, is dedicated by the US Census Bureau.