IT Security Newsletter - 6/29/2020
8 U.S. City Websites Targeted in Magecart Attacks
Researchers are warning that the websites of eight U.S. cities - across three states - have been compromised with payment card-stealing Magecart skimmers. The websites all utilize Click2Gov municipality payment software, which was previously involved in data breaches. Unlike other skimmers, which grab data on various types of payment forms on websites, the skimmer in this incident appears to only target website payment forms by Click2Gov.
Major US Companies Targeted in New Ransomware Campaign
More than two dozen US organizations - several of them Fortune 500 companies - were attacked in recent days by a known threat group looking to deploy a dangerous new strain of ransomware called WastedLocker. Had the attacks succeeded, they could have resulted in millions of dollars in damages to the organizations and potentially had a major impact on supply chains in the US, Symantec said in a report Thursday.
DarkCrewFriends Returns with Botnet Strategy
The hackers-for-hire group DarkCrewFriends has resurfaced and is targeting content management systems to build a botnet. The botnet can be marshalled into service to carry out a variety of criminal activities, including distributed denial-of-service (DDoS) attacks, command execution, information exfiltration or sabotage of an infected system. Researchers said they observed DarkCrewFriends exploiting an unrestricted file upload vulnerability to compromise PHP servers that run websites.
Russian Cybercrime Boss Burkov Gets 9 Years
A well-connected Russian hacker once described as "an asset of supreme importance" to Moscow was sentenced on Friday to nine years in a U.S. prison after pleading guilty to running a site that sold stolen payment card data, and to administering a highly secretive crime forum that counted among its members some of the most elite Russian cybercrooks. Aleksei Burkov of St. Petersburg, Russia admitted to running CardPlanet, a site that sold more than 150,000 stolen credit card accounts.
Man sentenced, two others charged, in connection with Satori IoT botnet
A 22-year-old man from Vancouver, Washington, has been sentenced to a US federal prison for his role in the development of the Satori botnet, which launched distributed denial-of-service (DDoS) attacks from hijacked IoT devices. The Satori botnet, based upon similar code to the notorious Mirai botnet which knocked major websites offline in 2016, is thought to have compromised hundreds of thousands of IoT devices, exploiting vulnerabilities to even infect routers thought to have been password protected.
Russian national pleads guilty to being part of $568 million fraud ring
A 33-year-old Russian man has pleaded guilty to being part of a cybercriminal enterprise that caused more than $568 million in losses through identity theft and stolen payment cards, the U.S. Justice Department announced Friday. Sergey Medvedev is accused of being a leader of the Infraud Organization, an online forum that trafficked in stolen financial data, malware "and other contraband," the department said in a press release.
Why certain characters "glitch" Gmail, YouTube, and Twitter
Have you ever used Twitter, Gmail, or YouTube and noticed odd characters being displayed vertically, overlaying other text on the page or breaking out of UI boundaries? If so, and you have wondered how this happens, we dive into the wonderful world of Unicode that causes this behavior. For the past few days, Bleeping Computer's Twitter profile page has started to look glitchy, with characters shooting up from another user's display name.
Almost 300 Windows 10 executables vulnerable to DLL hijacking
A simple VBScript may be enough to allow users to gain administrative privileges and bypass UAC entirely on Windows 10. In a new report from PwC UK security researcher Wietze Beukema, we learn that almost 300 Windows 10 executables are vulnerable to DLL hijacking. "It turns out nearly 300 executables in your System32 folder are vulnerable to relative path DLL Hijacking. Did you know that with a simple VBScript some of these EXEs can be used to elevate such executions, bypassing UAC entirely?" explained Beukema.
- ...in 1920, animator and special effects designer Ray Harryhausen (Clash of the Titans, Jason and the Argonauts) is born in Los Angeles.
- ...in 1929, scientists at Bell Laboratories in New York reveal a system for transmitting television pictures.
- ...in 1972, the Supreme Court strikes down the death penalty in Furman vs. Georgia.
- ...in 1995, the U.S. space shuttle Atlantis docks with the Soviet space station Mir.