IT Security Newsletter

IT Security Newsletter - 6/3/2024

Written by Cadre | Mon, Jun 3, 2024

Snowflake Data Breach Impacts Ticketmaster, Other Organizations

Ticketmaster and multiple other organizations have had significant amounts of information stolen in a data breach at cloud storage company Snowflake, security researchers report. The theft of Ticketmaster data came to light last week, when a notorious hacking group claimed to have exfiltrated the information of 560 million users, asking $500,000 for the data. READ MORE...

BBC Breach Puts 25K Pension Scheme Members at Risk

After falling victim to a leak that put 25,000 of its current and former employees at risk, the BBC has confirmed it experienced a breach, or "data security incident," compromising the information of its BBC pension scheme members. According to the update on the BBC's My Pension website, files containing personal information of its members were copied by threat actors from a cloud-based storage service. READ MORE...

Russia and China are using OpenAI tools to spread disinformation

OpenAI has revealed operations linked to Russia, China, Iran and Israel have been using its artificial intelligence tools to create and spread disinformation, as technology becomes a powerful weapon in information warfare in an election-heavy year. The San Francisco-based maker of the ChatGPT chatbot said in a report on Thursday that five covert influence operations had used its AI models to generate text, images, and comments/replies at a high volume. READ MORE...

AI platform Hugging Face says hackers stole auth tokens from Spaces

AI platform Hugging Face says that its Spaces platform was breached, allowing hackers to access authentication secrets for its members. Hugging Face Spaces is a repository of AI apps created and submitted by the community's users, allowing other members to demo them. "Earlier this week our team detected unauthorized access to our Spaces platform, specifically related to Spaces secrets," warned Hugging Face in a blog post. READ MORE...

Kaspersky releases free tool that scans Linux for known threats

Kaspersky has released a new virus removal tool named KVRT for the Linux platform, allowing users to scan their systems and remove malware and other known threats for free. The security firm notes that despite the common misconception that Linux systems are intrinsically secure from threats, there has been a constant supply of "in the wild" examples that prove otherwise, most recently, the XZ Utils backdoor. READ MORE...

Stalkerware app pcTattletale announces it is 'out of business' after suffering data breach and website defacement

US spyware vendor pcTattletale has shut down its operations following a serious data breach that exposed sensitive information about its customers, as well as data stolen from some of their victims. pcTattletale was promoted as "employee and child monitoring software" designed to "protect your business and family." Of course, what it actually was, was a way to surreptitiously spy upon other people's phones and computers - secretly viewing everything they did. READ MORE...

Check Point Software VPN exploitation risk greater than previously stated: researchers

Security researchers on Thursday warned an exploited vulnerability linked to attacks against Check Point Software VPN customers is far more serious than previously disclosed. Exploitation started in late April, Mnemonic researchers said Friday in an updated blog post. The vulnerability, listed as CVE-2024-24919, allows attackers to read information on internet-connected gateways with remote access VPN or mobile access enabled, according to Check Point. READ MORE...

Federal agency warns critical Linux vulnerability being actively exploited

The US Cybersecurity and Infrastructure Security Agency has added a critical security bug in Linux to its list of vulnerabilities known to be actively exploited in the wild. The vulnerability, tracked as CVE-2024-1086 and carrying a severity rating of 7.8 out of a possible 10, allows people who have already gained a foothold inside an affected system to escalate their system privileges. READ MORE...

  • ...in 1927, saxophonist Homer Louis "Boots" Randolph, famous for his 1963 hit "Yakety Sax", is born in Paducah, KY.
  • ...in 1950, singer-songwriter and '70s glam rocker Suzi Quatro is born in Detroit, MI.
  • ...in 1958, the University of Cincinnati gets its first computer, an IBM 650, which costs $28k per year to lease and uses less power than a cell phone.
  • ...in 1965, astronaut Ed White becomes the first American to walk in space, during the Gemini 4 mission.