IT Security Newsletter

IT Security Newsletter - 6/22/2023

Written by Cadre | Thu, Jun 22, 2023

UPS discloses data breach after exposed customer info used in SMS phishing

Multinational shipping company UPS is alerting Canadian customers that some of their personal information might have been exposed via its online package look-up tools and abused in phishing attacks. At first glance, the letters sent by UPS Canada, titled "Fighting phishing and smishing - an update from UPS," seem to be a warning to customers about the dangers of phishing.

Oreo maker Mondelez staff hit by data breach at third-party law firm

Snack giant Mondelez is warning past and present employees that their personal information may now be in the hands of hackers following a data breach at a third-party firm. Over 50,000 members of staff are receiving data breach notifications from the Oreo maker, after a data breach at Bryan Cave Leighton Paisner LLP, a law firm hired by Mondelez to provide legal advice.

iOttie discloses data breach after site hacked to steal credit cards

Car mount and mobile accessory maker iOttie warns that its site was compromised for almost two months to steal online shoppers' credit cards and personal information. iOttie is a popular manufacturer of mobile device car mounts, chargers, and accessories. In a new data breach notification issued yesterday, iOttie says they discovered on June 13th that its online store was compromised between April 12th, 2023, and June 2nd with malicious scripts.

ChatGPT shows promise in detecting phishing sites

ChatGPT can be used to generate phishing sites, but could it also be used to reliably detect them? Security researchers have tried to answer that question. Kaspersky researchers tested 5,265 (2,322 phishing and 2,943 safe) URLs. They asked ChatGPT (GPT-3.5) a simple question: "Does this link lead to a phish website?". Based only on the form of the URL, the AI chatbot had an 87.2% detection rate and a 23.2% false positive rate.

20-Year-Old Chinese APT15 Finds New Life in Foreign Ministry Attacks

From late 2022 to early 2023, a Chinese state-level threat actor used a novel malware to conduct espionage against foreign ministries in North and South America. The group in question, APT15 (aka Flea, Nickel, Vixen Panda, KE3CHANG, Royal APT, and Playful Dragon) already "has a track record of honing in on government targets, diplomatic missions, and embassies, likely for intelligence-gathering purposes," Symantec researchers explained in a June 21 blog post.

Apple Patches iOS Flaws Used in Kaspersky 'Operation Triangulation'

Apple has rolled out a major security-themed iOS update to fix remote code execution vulnerabilities that have already been exploited in the wild. The patches address a pair of vulnerabilities reported by Russian anti-malware vendor Kaspersky and follow the public documentation of 'Operation Triangulation,' a digital spy campaign that used zero-click iMessage exploits.

Emerging Ransomware Group 8Base Doxxes SMBs Globally

A ransomware group that operated under the radar for over a year has come to light in recent weeks, thanks to a series of business data leaks on the Dark Web. Since at least April 2022, 8base - not to be confused with the Florida-based software company of the same name - has been conducting double-extortion attacks against small and midsized businesses (SMBs). It all came to a head in May, when the group dumped data belonging to 67 organizations on the cyber underground.

Beware bad passwords as attackers co-opt Linux servers into cybercrime

Researchers at Korean anti-malware business AhnLab are warning about an old-school attack that they say they're seeing a lot of these days, where cybercriminals guess their way into Linux shell servers and use them as jumping-off points for further attacks, often against innocent third parties. The payloads unleashed by this crew of otherwise unsophisticated crooks could not only cost you money through unexpected electricity bills, but also tarnish your reputation.

Critical WordPress Plugin Vulnerabilities Impact Thousands of Sites

Web application security firm Defiant warns of critical-severity authentication bypass vulnerabilities in two WordPress plugins with tens of thousands of installations. The first security defect, tracked as CVE-2023-2986 (CVSS score of 9.8/10), impacts the Abandoned Cart Lite for WooCommerce, a plugin that notifies customers who did not complete the purchase process, and which has more than 30,000 active installations.

  • ...in 1940, France formally surrenders to Germany, following a nearly two-month invasion by the Axis powers.
  • ...in 1942, Congress officially recognizes the Pledge of Allegiance.
  • ...in 1969, the Cuyahoga River catches fire near Cleveland, OH, drawing national attention to the problem of water pollution.
  • ...in 1978, astronomer James W. Christy discovers Charon, the largest moon of Pluto.