IT Security Newsletter - 6/3/2022
Previously unreported Lebanon-based hacking group targeting Israel, Microsoft says
A previously unreported Lebanon-based hacking group with likely ties to Iranian intelligence has targeted more than 20 Israeli organizations since February, Microsoft's Threat Intelligence Center and Digital Security Unit reported Thursday. The group, which Microsoft dubbed "Polonium," targeted or compromised more than 20 organizations in Israel and one unnamed intergovernmental organization with operations in Lebanon.
Evil Corp Pivots LockBit to Dodge U.S. Sanctions
Evil Corp has shifted tactics once again, this time pivoting to LockBit ransomware after U.S. sanctions have made it difficult for the cybercriminal group to reap financial gain from its activity, researchers have found. Researchers from Mandiant Intelligence have been tracking a "financially motivated threat cluster" they're calling UNC2165 that has numerous overlaps with Evil Corp and is highly likely the latest incarnation of the group.
Tim Hortons coffee app broke law by constantly recording users' movements
Canadian investigators determined that users of the Tim Hortons coffee chain's mobile app "had their movements tracked and recorded every few minutes of every day," even when the app wasn't open, in violation of the country's privacy laws. "The app also used location data to infer where users lived, where they worked, and whether they were traveling," the Office of the Privacy Commissioner said
Critical Atlassian Confluence zero-day actively used in attacks
Hackers are actively exploiting a new Atlassian Confluence zero-day vulnerability tracked as CVE-2022-26134 to install web shells, with no fix available at this time. Today, Atlassian released a security advisory disclosing that CVE-2022-26134 is a critical unauthenticated, remote code execution vulnerability tracked in both Confluence Server and Data Center.
CISA Warns of Critical Vulnerabilities in Illumina Genetic Analysis Devices
The US Cybersecurity and Infrastructure Security Agency (CISA) this week issued an advisory to warn of critical vulnerabilities in Illumina genetic analysis devices that could allow a remote, unauthenticated attacker to take over an impacted product. The flaws affect Illumina Local Run Manager (LRM), which is used by sequencing instruments designed for clinical diagnostic use in the sequencing of a person's DNA, testing for various genetic conditions, as well as research.
- ...in 1927, saxophonist Homer Louis "Boots" Randolph, famous for his 1963 hit "Yakety Sax", is born in Paducah, KY.
- ...in 1950, singer-songwriter and '70s glam rocker Suzi Quatro is born in Detroit, MI.
- ...in 1958, the University of Cincinnati gets its first computer, an IBM 650, which costs $28k per year to lease and uses less power than a cell phone.
- ...in 1965, astronaut Ed White becomes the first American to walk in space, during the Gemini 4 mission.