<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter

Get the latest headlines, summaries, and security news!

IT Security Newsletter - 6/24/2020

Top News

Sodinokibi Ransomware Now Scans Networks For PoS Systems

Cybercriminals behind recent Sodinokibi ransomware attacks are now upping their ante and scanning their victims' networks for credit card or point of sale (PoS) software. Researchers believe this is a new tactic designed to allow attackers to get the biggest bang for their buck - ransom payments and credit card data. The compromise of PoS software is a cybercriminal favorite for siphoning credit card information from unknowing customers. READ MORE...

Breaches

Twitter Says Business Users Were Vulnerable to Data Breach

Twitter is apologizing to business users for a data breach while announcing that their personally identifiable information might have been compromised. It turns out that details such as email addresses, telephone numbers, and the last four digits of credit card numbers were stored in those users' browser caches. As a result, other individuals using the same computer could have looked at the information with no additional authorization or authentication. READ MORE...

Hacking

Fxmsp hackers made $1.5M selling access to corporate networks

New details have emerged on the activity of the infamous Fxmsp hacker that last year was advertising access to the networks of three cybersecurity vendors. Researchers tracking Fxmsp's ventures on underground forums counted the network intrusions associated with this actor and revealed the presumed identity of the attacker. Fxmsp became widely known outside hacker forums about a year ago when cybersecurity boutique Advanced Intelligence published a series of reports on the actor. READ MORE...

Malware

European victims refuse to bow to Thanos ransomware

A Thanos ransomware campaign targeting mid-level employees of multiple organizations from Austria, Switzerland, and Germany was met by the victims' refusal to pay the ransoms demanded to have their data decrypted. Thanos ransomware is a Ransomware-as-a-Service (RaaS) operation advertised on Russian-speaking hacker forums that allows affiliates to customize their own ransomware through a builder offered by the developer. READ MORE...

Information Security

New Zealand freezes $90 million connected to accused bitcoin launderer Alexander Vinnik

Authorities in New Zealand have seized the equivalent of $90 million in assets as part of an investigation into a Russian man accused of laundering cybercriminal funds through a global cryptocurrency exchange. The New Zealand Police announced Monday it had taken control of the funds, equivalent to $140 million in New Zealand dollars, belonging to Alexander Vinnik, the alleged operator of BTC-e, a currency trading platform shuttered by the U.S. government in 2017. READ MORE...

Exploits/Vulnerabilities

A zero-day guide for 2020: Recent attacks and advanced preventive techniques

Zero-day vulnerabilities enable threat actors to take advantage of security blindspots. Typically, a zero-day attack involves the identification of zero-day vulnerabilities, creating relevant exploits, identifying vulnerable systems, and planning the attack. The next steps are infiltration and launch. This article examines three recent zero-day attacks, which targeted Microsoft, Internet Explorer, and Sophos. READ MORE...

On This Date

  • ...in 1901, basketball player and Converse athletic-shoe namesake Chuck Taylor is born in Azalia, IN.
  • ...in 1916, Mary Pickford becomes the first female film star to sign a million-dollar contract.
  • ...in 1949, the first television western "Hopalong Cassidy" premieres on NBC.
  • ...in 1979, comedian and actress Mindy Kaling is born in Cambridge, MA.