<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter

Get the latest headlines, summaries, and security news!

IT Security Newsletter - 6/25/2020

Top News

Akamai Mitigates Record 809 MPPS DDoS Attack

Akamai on Thursday revealed that it mitigated a second record-setting distributed denial-of-service (DDoS) attack since the beginning of June, one that peaked at 809 MPPS (million packets per second). Earlier this month, the company shared details on the mitigation of a 1.44 TBPS (terabytes per second) DDoS assault that reached 385 MPPS at its peak, but the more recent incident, which happened on June 21, was more than double the size in terms of PPS. READ MORE...

Breaches

Exposed Frost & Sullivan databases for sale on hacking forum

U.S. business consulting firm Frost & Sullivan was breached after data from an unsecured backup folder exposed on the Internet was sold on a hacker forum. Frost & Sullivan is a business consulting firm that assists companies in growth strategy, market research, on corporate training. With 40 locations throughout the world and over 1,800 employees, Frost & Sullivan is a well-known consulting firm. READ MORE...


LG Electronics allegedly hit by Maze ransomware attack

Maze ransomware operators have claimed on their website that they breached and locked the network of the South Korean multinational LG Electronics. The details of the attack have not been released but the hackers stated that they have stolen from the company proprietary information for projects that involve big U.S. Companies. Maze publishes information on their victims when their ransom demands are not accepted or contact with the breached entity halts. READ MORE...

Hacking

DDoSecrets' mission is 'unchanged' in wake of 'Blue Leaks' Twitter ban

After Twitter blacklisted an emerging anti-secrecy group for distributing a vast collection of data stolen from U.S. law enforcement agencies, a co-founder of the WikiLeaks-style startup says it won't go away quietly. Emma Best, who helps lead Distributed Denial of Secrets, announced on a personal account Tuesday that Twitter had permanently banned the @DDoSecrets account for violating the company's rules about distributing hacked materials. READ MORE...

Malware

Glupteba - the malware that gets secret messages from the Bitcoin blockchain

Here's a SophosLabs technical paper that should tick all your jargon boxes! Our experts have deconstructed a strain of malware called Glupteba that uses just about every cybercrime trick you've heard of, and probably several more besides. Like a lot of malware these days. Glupteba is what's known a zombie or bot (short for software robot) that can be controlled from afar by the crooks who wrote it. READ MORE...


Self-Propagating Lucifer Malware Targets Windows Systems

Security experts have identified a self-propagating malware, dubbed Lucifer, that targets Windows systems with cryptojacking and distributed denial-of-service (DDoS) attacks. The never-before-seen malware initially tries to infect PCs by bombarding them with exploits in hopes of taking advantage of an "exhaustive" list of unpatched vulnerabilities. While patches for all the critical and high-severity bugs exist, the various companies impacted by the malware had not applied the fixes. READ MORE...


Emerging Ransomware Targets Photos, Videos on Android Devices

A new strain of ransomware has arisen in Canada, targeting Android users and locking up personal photos and videos. Called CryCryptor, it has initially been spotted pretending to be the official COVID-19 tracing app provided by Health Canada. It's propagating via two different bogus websites that pretend to be official, according to ESET researchers - one called tracershield[dot]ca. READ MORE...

Information Security

Securing voter registration databases takes on added importance in pandemic, DHS official says

The expansion of voting by mail during the coronavirus pandemic makes it all the more important that election officials secure voter registration databases from hacking, according to a senior Department of Homeland Security official. The greater amount of absentee voting and mail-in ballots "shifts the risk towards voter registration data security," Matt Masterson, senior adviser at DHS's Cybersecurity and Infrastructure Security Agency, said Wednesday during a virtual conference. READ MORE...


The inside story of the Maersk NotPetya ransomware attack, from someone who was there

The shipping conglomerate Maersk, hit by the NotPetya ransomware in June 2017, estimated that it cost them as much as $300 million in lost revenue. Gavin Ashton was an IT security guy working at Maersk at the time of the attack. He's now written an in-depth article about what happened. It's a good read, and strongly recommended if you're responsible for securing your enterprise from malware attack. READ MORE...

On This Date

  • ...in 1903, British novelist and journalist George Orwell ("1984", "Animal Farm") is born in Motihari, India.
  • ...in 1967, the Beatles record "All You Need Is Love" during the first worldwide, live television broadcast.
  • ...in 1981, Microsoft is restructured to become an incorporated business in Washington.
  • ...in 1984, Prince releases his most successful studio album, "Purple Rain."