IT Security Newsletter

IT Security Newsletter - 6/21/2024

Written by Cadre | Fri, Jun 21, 2024

Chinese-aligned hacking group targeted more than a dozen government agencies, researchers find

An aggressive and prolific Chinese-speaking cyberespionage group has targeted the ministries of foreign affairs and embassies of at least nine countries across Africa, the Middle East, Europe and Asia, researchers with Cisco Talos said Friday, highlighting how hackers perhaps aligned with Beijing continue to evolve their operations to gather information about a variety of geopolitical hotspots.

Statewide 911 outage was caused by 911 vendor's malfunctioning firewall

A 911 vendor's malfunctioning firewall caused a statewide outage in the emergency calling system in Massachusetts on Tuesday afternoon, the state government said. A Massachusetts government press release issued yesterday said the state's 911 vendor, Comtech, "has advised State 911 that they have applied a technical solution to ensure that this does not happen again."

Santander warns US employees bank account info stolen in third-party database hack

Santander Bank warned thousands of U.S. employees that their direct deposit bank account information and social security numbers may have been obtained in a third-party database hack, according to filings with the Attorneys General of Maine and Vermont. An unauthorized party gained access to the employee data used for direct deposits between late April and early May. Santander said it immediately blocked access to the affected systems and continues to take further action to protect its systems.

Change Healthcare to Start Notifying Customers Who Had Data Exposed in Cyberattack

Change Healthcare is starting to notify hospitals, insurers and other customers that they may have had patient information exposed in a massive cyberattack. The company also said Thursday that it expects to begin notifying individuals or patients in late July. Change Healthcare, a subsidiary of health care giant UnitedHealth Group, provides technology used to submit and process billions of insurance claims a year.

Crown Equipment cyberattack confirmed, manufacturing disrupted for weeks

Ohio-based Crown Equipment, which is among the largest industrial and forklift truck manufacturers in the world, has become a victim of a cyberattack "by an international cybercriminal organization," the company finally confirmed to its employees on Tuesday. The confirmation came nine days after the company's network went down (on June 9) and eight days after its manufacturing plants came to a standstill (on June 10), as reported by German security blogger Günter Born.

Citing national security, US will ban Kaspersky anti-virus software in July

The Biden administration will ban all sales of Kaspersky antivirus software in the US starting in July, according to reporting from Reuters and a filing from the US Department of Commerce (PDF). The US believes that security software made by Moscow-based Kaspersky Lab represents a national security risk and that the Russian government could use Kaspersky's software to install malware, block other security updates, and "collect and weaponize the personal information of Americans."

My health information has been stolen. Now what?

Digital transformation is helping healthcare providers across the globe to become more cost-efficient, while improving standards of patient care. But digitizing healthcare records also comes with some major cyber risks. Once your data is stored on IT systems that can be reached via the internet, it could be accidentally leaked, or accessed by malicious third parties. In the first 10 months of 2023 in the US, over 88 million people had their medical data exposed, according to government figures.

Spatial Computing Hack Exploits Apple Vision Pro Flaw to Fill Room With Spiders, Bats

A recently patched Vision Pro vulnerability has been classified by Apple as a denial-of-service (DoS) issue, but the researcher who found it has demonstrated that it's actually a "scary" bug. Apple recently announced the release of version 1.2 of visionOS, the operating system powering its Vision Pro virtual reality headset. The update addresses several vulnerabilities, one of which may also be what the reporting researcher has described as the "first ever spatial computing hack".

SolarWinds Serv-U path traversal flaw actively exploited in attacks

Threat actors are actively exploiting a SolarWinds Serv-U path-traversal vulnerability, leveraging publicly available proof-of-concept (PoC) exploits. Although the attacks do not appear particularly sophisticated, the observed activity underscores the risk posed by unpatched endpoints, emphasizing the urgent need for administrators to apply the security updates. The vulnerability, CVE-2024-28995, is a high-severity directory traversal flaw.

CosmicSting flaw impacts 75% of Adobe Commerce, Magento sites

A vulnerability dubbed "CosmicSting" impacting Adobe Commerce and Magento websites remains largely unpatched nine days after the security update was made available, leaving millions of sites open to catastrophic attacks. According to Sansec's stats, roughly three out of four websites using the impacted e-commerce platforms have not patched against CosmicSting, which puts them at risk of XML external entity injection (XXE) and remote code execution (RCE).

  • ...in 1788, New Hampshire ratifies the U.S. Constitution and is admitted as the ninth state.
  • ...in 1903, artist Al Hirschfeld, famous for his caricatures of stage and screen actors, is born in St. Louis, MO.
  • ...in 1932, film and TV composer Lalo Schifrin ("Mission: Impossible", "Enter the Dragon") is born in Buenos Aires, Argentina.
  • ...in 2004, engineer Burt Rutan's SpaceShipOne becomes the first privately-funded manned vehicle to pass the boundary of space.