IT Security Newsletter - 6/2/2022
FBI seizes domains tied to stolen records, DDoS services
The FBI and Justice Department said Tuesday they had seized the domain of a search engine service that claimed to offer users the ability to scour billions of records of personal data from more than 10,000 data breaches, effectively shutting down the criminal operation. The site, weleakinfo.to, offered a subscription service where customers could access personal information leaked in data breaches.
Iranian hackers planned attack on Boston Children's Hospital last summer, FBI director says
The FBI managed to detect and mitigate an attack by Iranian state-sponsored hackers against Boston Children's Hospital last summer, FBI Director Christopher Wray revealed on Wednesday. "Quick actions by everyone involved, especially at the hospital, protected both the network and the sick kids that were dependent on it," Wray said at the Boston Conference on Cyber Security.
12K Misconfigured Elasticsearch Buckets Ravaged by Extortionists
Cyberattackers are targeting misconfigured Elasticsearch cloud buckets exposed on the public Internet and stealing the wide-open data, then replacing it with a ransom note. According to Secureworks Counter Threat Unit (CTU) researchers, more than 1,200 indexes have already been affected, with the attackers issuing 450 requests for Bitcoin payment in exchange for the return of the data.
Leaks Show Conti Ransomware Group Working on Firmware Exploits
The recent Conti leaks show that the notorious ransomware group has been working on firmware exploits targeting the Intel Management Engine (ME) system. In late February, after Conti expressed support for Russia following its invasion of Ukraine, a Ukrainian hacker started leaking information stolen from the cybercrime group, including chat logs, credentials, email addresses, C&C server details, and malware source code.
Clipminer malware gang stole $1.7M by hijacking crypto payments
Threat analysts have discovered a large operation of a new cryptocurrency mining malware called Clipminer that brought its operators at least $1.7 million from transaction hijacking. According to researchers from Symantec, a Broadcom company, Clipminer is based on the KryptoCibule malware. Both trojans focus on stealing wallets, hijacking transactions, and mining cryptocurrency on infected machines.
Foxconn confirms ransomware attack disrupted production in Mexico
Electronics manufacturer Foxconn has confirmed that one of its Mexico-based production plants was impacted by a ransomware attack in late May. The company did not provide any information on the group responsible for the attack, but operators of the LockBit ransomware gang claimed responsibility. Foxconn operates three facilities in Mexico, which produce computers, LCD TVs, mobile devices, and set-top boxes, formerly used by Sony, Motorola, and Cisco Systems.
US Warns Organizations of 'Karakurt' Cyber Extortion Group
Several government agencies in the United States have issued a joint cybersecurity alert to warn organizations about a data extortion group named "Karakurt." Also known as the Karakurt Team and Karakurt Lair, the group does not rely on malware to encrypt victims' files, instead exfiltrating data and threatening to sell it or release it publicly if a ransom is not paid within a specific timeframe.
Microsoft Office apps are vulnerable to IDN homograph attacks
Microsoft Office apps - including Outlook and Teams - are vulnerable to homograph attacks based on internationalized domain names (IDNs). In practice, this means that users hovering over a link in a phishing email, a Word or Excel document they have received, or a message sent via Teams, can't tell that it will direct them to a spoofed malicious domain that's not what it purports to be.
- ...in 1865, the U.S. Civil War officially ends with the surrender of Gen. Edmund Kirby Smith, dissolving the last Confederate army.
- ...in 1935, Baseball Hall of Famer Babe Ruth ends his Major League playing career after 22 seasons.
- ...in 1953, Queen Elizabeth II is formally crowned monarch of the United Kingdom.
- ...in 1967, The Beatles album "Sgt. Pepper's Lonely Hearts Club Band" is released in the US.