IT Security Newsletter - 6/29/2021
Data for 700M LinkedIn Users Posted for Sale in Cyber-Underground
A new posting with 700 million LinkedIn records has appeared on a popular hacker forum, according to researchers. Analysts from Privacy Sharks stumbled across the data put up for sale on RaidForums by a hacker calling himself "GOD User TomLiner." The advertisement, posted June 22, claims that 700 million records are included in the cache, and included a sample of 1 million records as "proof." READ MORE...
NVIDIA Patches High-Severity GeForce Spoof-Attack Bug
NVIDIA gaming graphics software called GeForce Experience, bundled with the chipmaker's popular GTX GPU, is flawed and opens the door to a remote attacker that can exploit the bug to steal or manipulate data on a vulnerable Windows computer. NVIDIA notified customers late last week of the bug and released a software patch for the flaw, which is present in its GeForce Experience (versions 3.21 and prior) Windows software. A 3.23 GeForce update is available now to mitigate the bug. READ MORE...
Microsoft approved a Windows driver booby-trapped with rootkit malware
Microsoft on Friday admitted it had signed malicious third-party driver code submitted for certification through its Windows Hardware Compatibility Program. According to Microsoft, the miscreant behind the subverted driver was focused on computer game players in China, and is not the sort of nation-state-backed group that has been giving Microsoft and its enterprise customers headaches over the past few months. READ MORE...
Ransomware group 'Hades' claims more victims as investigators seek answers
A ransomware group that targets billion-dollar companies - but that has stubbornly defied attribution consensus among cybersecurity researchers - has claimed at least seven victims since its discovery late last year. What's more, it has taken additional steps in an apparent bid to baffle investigators who have tried to pin down who, exactly, the operators are, according to Accenture Security research released Tuesday. READ MORE...
UN Security Council Confronts Growing Threat of Cyber Attacks
The UN Security Council on Tuesday will hold its first formal public meeting on cybersecurity, addressing the growing threat of hacks to countries' key infrastructure, an issue Joe Biden recently raised with his Russian counterpart Vladimir Putin. At their summit earlier this month in Geneva, the US president set out red lines for Russia, which is often accused of being behind major hacks. In this case, he laid out 16 "untouchable" entities, ranging from the energy sector to water distribution. READ MORE...
Details of RCE Bug in Adobe Experience Manager Revealed
Details of an Adobe zero-day bug found in its content-management solution Adobe Experience Manager (AEM), which affected customers ranging from Mastercard, LinkedIn and PlayStation, were revealed Monday. The bug, patched in May, allowed hackers to bypass authentication protection and execute code remotely on vulnerable AEM installs. Researchers in the ethical-hacking community Detectify Crowdsource identified the flaw in the CRX Package Manager component of Adobe's AEM. READ MORE...
- ...in 1920, stop-motion animator and special effects designer Ray Harryhausen (Clash of the Titans, Jason and the Argonauts) is born in Los Angeles.
- ...in 1929, scientists at Bell Laboratories in New York reveal a system for transmitting television pictures.
- ...in 1975, Steve Wozniak tests the first prototype of the Apple I personal computer.
- ...in 1995, the U.S. space shuttle Atlantis docks with the Soviet space station Mir.