IT Security Newsletter - 6/15/2020
Knoxville Ransomware Attack Leads to IT Network Shutdown
The city of Knoxville, Tenn. is reeling from a ransomware attack that knocked the city's network offline and prevented police officers from responding to non-life-threatening traffic crashes. The incident occurred Wednesday and shuttered systems until Thursday. Also impacted was the city's internal IT network, public website and court systems - forcing Friday court sessions to be rescheduled. READ MORE...
Hackers are quick to notice exposed Elasticsearch servers
Bad guys find unprotected Elasticsearch servers exposed on the web faster than search engines can index them. A study found that threat actors are mainly going for cryptocurrency mining and credential theft. For the duration of the experiment, a honeypot with a fake database recorded more than 150 unauthorized requests, the first one occurring less than 12 hours since being exposed. READ MORE...
Privnotes[.]com Is Phishing Bitcoin from Users of Private Messaging Service Privnote[.]com
For the past year, a site called Privnotes[.]com has been impersonating Privnote[.]com, a legitimate, free service that offers private, encrypted messages which self-destruct automatically after they are read. Until recently, I couldn't quite work out what Privnotes was up to, but today it became crystal clear: Any messages containing bitcoin addresses will be automatically altered to include a different bitcoin address, as long as the Internet addresses of the sender and receiver of the message are not the same. READ MORE...
Magecart attackers hit Claire's, Intersport web shops
Magecart attackers have compromised web shops belonging to large retail chains Claire's and Intersport and equipped them with payment card skimmers. The compromise of Claire's online store and that of its sister brand Icing has been flagged by Sansec researchers. The skimmer was served from a domain made to look like it might belong to the company (claires-assets[.]com), and it was added to the two online stores between April 25th and 30th. READ MORE...
Palo Alto Networks reveals D-Link home router vulnerabilities
Taiwanese consumer technology manufacturer D-Link has issued security fixes for a series of bugs that, if exploited, could have enabled hackers to steal passwords and other sensitive data from home internet routers during the coronavirus pandemic. If used in concert, the vulnerabilities would have allowed attackers to scan network traffic to steal session cookies, and upload or download sensitive files. READ MORE...
Intel patches chip flaw that could leak your cryptographic secrets
This week, Intel patched a CPU security bug that hasn't attracted a funky name, even though the bug itself is admittedly pretty funky. Known as CVE-2020-0543 for short, or Special Register Buffer Data Sampling in its full title, it serves as one more reminder that as we expect processor makers to produce ever-faster chips that can churn through ever more code and data in ever less time… READ MORE...
- ...in 1836, Arkansas is admitted as the 25th U.S. state.
- ...in 1922, President Warren G. Harding becomes the first president to speak on the radio.
- ...in 1934, the Great Smoky Mountains National Park is founded along the border of Tennessee and North Carolina.
- ...in 2010, the famous 62-foot statue of Jesus at the Solid Rock Church in Monroe, OH burns down after being struck by lightning.