
IT Security Newsletter - 6/16/2022


Breaches

Elasticsearch server with no password or encryption leaks a million records

Researchers at security product recommendation service Safety Detectives claim they've found almost a million customer records wide open on an Elasticsearch server run by Malaysian point-of-sale software vendor StoreHub. Safety Detectives' report states it found a StoreHub server that stored unencrypted data and was not password protected. The security company's researchers were therefore able to waltz in and access 1.7 billion records, in a trove totalling over a terabyte. READ MORE...

Hacking

State-Sponsored Phishing Attack Targeted Israeli Military Officials

An advanced persistent threat group with ties to Iran is believed to be behind a phishing campaign targeting high-profile Israeli government and military personnel, according to a report by Check Point Software. Targets of the campaign included senior leadership in the Israeli defense industry, the former U.S. Ambassador to Israel and the former Deputy Prime Minister of Israel. READ MORE...

Software Updates

So Long, Internet Explorer. The Browser Retires Today

Internet Explorer is finally headed out to pasture. As of Wednesday, Microsoft will no longer support the once-dominant browser that legions of web surfers loved to hate - and a few still claim to adore. The 27-year-old application now joins BlackBerry phones, dial-up modems and Palm Pilots in the dustbin of tech history. IE's demise was not a surprise. A year ago, Microsoft said that it was putting an end to Internet Explorer on June 15, 2022, pushing users to its Edge browser, which was launched in 2015. READ MORE...

Malware

Tsunami of junk traffic that broke DDoS records delivered by tiniest of botnets

A massive flood of malicious traffic that recently set a new distributed denial-of-service record came from an unlikely source. A botnet of just 5,000 devices was responsible as extortionists and vandals continue to develop ever more powerful attacks to knock sites offline, security researchers said. The DDoS delivered 26 million HTTPS requests per second, breaking the previous record of 15.3 million requests for that protocol set only seven weeks ago. READ MORE...


Researchers Discover Way to Attack SharePoint and OneDrive Files With Ransomware

Researchers have discovered a functionality within Office 365 that could allow attackers to ransom files stored on SharePoint and OneDrive. On disclosure to Microsoft, the researchers were told the system 'is working as intended'. That is, it's a feature, not a flaw. It has long been considered that files stored and edited in the cloud are resilient to encryption extortion - the autosave and versioning features should provide sufficient backup capability. READ MORE...


Stealthy Symbiote Linux malware is after financial institutions

Symbiote, a new "nearly impossible to detect" Linux malware, targeted financial sectors in Latin America, and the threat actors behind it might have links to Brazil. These findings were revealed in a recent report, a joint effort between the BlackBerry Research Team and Dr. Joakim Kennedy, a security researcher with Intezer. Despite its name, this Trojan is more parasitic than a mutual benefactor in a symbiosis, according to Dr. Kennedy. READ MORE...

Information Security

INTERPOL raids hundreds of scammy call centers in sweep

A worldwide sweep of more than 1,770 call centers suspected of telecommunications and email scams resulted in the arrests of 2,000 suspected scammers and money launderers, INTERPOL announced Wednesday. The two-month operation, which involved 76 countries, also intercepted $50 million worth of stolen funds. The crackdown took place between March and May and focused on "social engineering scams." READ MORE...

Exploits/Vulnerabilities

Cisco Secure Email bug can let attackers bypass authentication

Cisco notified customers this week to patch a critical vulnerability that could allow attackers to bypass authentication and log in to the web management interface of Cisco email gateway appliances with non-default configurations. The security flaw (tracked as CVE-2022-20798) was found in the external authentication functionality of virtual and hardware Cisco Email Security Appliance (ESA) and Cisco Secure Email and Web Manager appliances. READ MORE...


Citrix warns critical bug can let attackers reset admin passwords

Citrix warned customers to deploy security updates that address a critical Citrix Application Delivery Management (ADM) vulnerability that can let attackers reset admin passwords. Citrix ADM is a web-based solution that provides admins with a centralized cloud-based console for managing on-premises or cloud Citrix deployments, including Citrix Application Delivery Controller (ADC), Citrix Gateway, and Citrix Secure Web Gateway. READ MORE...

On This Date

  • ...in 1858, Abraham Lincoln delivers his House Divided speech in Springfield, Illinois.
  • ...in 1884, Coney Island opens the "Switchback Railway", the first true roller coaster, designed by inventor LaMarcus Adna Thompson.
  • ...in 1911, IBM is founded as the Computing-Tabulating-Recording Company in Endicott, NY.
  • ...in 1916, President Woodrow Wilson signs a bill incorporating the Boy Scouts of America.