
IT Security Newsletter - 6/30/2020


Top News

UC San Francisco pays $1.14 million for ransomware decryptor

The University of California San Francisco (UCSF) says that it paid $1.14 million to the Netwalker ransomware operators who successfully breached the UCSF School of Medicine's IT network, stealing data and encrypting systems. UCSF is a research university focused on health sciences and involved in COVID-19 research, ranked as #2 in medical schools for research and #6 in best medical schools for primary care based on U.S. News & World Report's college rankings.

Hacking

Seller floods hacker forum with data stolen from 14 companies

A data breach broker is selling databases containing user records for 14 different companies he claimed were breached by hackers in 2020. When a company is breached, threat actors will typically download accessible databases, including account records. These databases are then sold directly to other threat actors, or the hackers utilize data breach brokers to sell them on their behalf.

Software Updates

Palo Alto Networks patches critical vulnerability in firewall OS

Palo Alto Networks disclosed a critical vulnerability found in the operating system (PAN-OS) of all its next-generation firewalls that could allow unauthenticated network-based attackers to bypass authentication. According to the company's website, PAN-OS is the software that powers all of its next-generation firewalls. While the 'Validate Identity Provider Certificate' option shouldn't normally be disabled, disabling it is the recommended choice in official deployment guidelines provided by multiple organizations.

Malware

REvil Ransomware Gang Adds Auction Feature for Stolen Data

The REvil ransomware gang (also known as Sodinokibi) has added an auction feature to its underground website that allows anonymous bidding on information stolen in its targeted ransomware campaigns. The auction capability appeared at the beginning of June, according to an analysis from Cyberint. In announcing the feature, REvil included details on its first lot, the firm said, containing accounting information, files and databases stolen from a Canadian agricultural company.

Information Security

Beware "secure DNS" scam targeting website owners and bloggers

If you run a website or a blog, you probably use a cloud provider or a dedicated hosting company to manage your server and deliver the content to your readers, viewers and listeners. We certainly do - both Naked Security and our sister site Sophos News are hosted by WordPress VIP. That's not a secret (nor is it meant to be), not least because most providers identify themselves in the HTTP headers they send back in their web replies, if only as a matter of courtesy.


Remote access at risk: Pandemic pulls more cyber-crooks into the brute-forcing game

The COVID-19 pandemic has radically changed the nature of everyday work, forcing employees to do large parts of their jobs via remote access. Cybercriminals - especially ransomware operators - are aware of the shift and attempt to exploit the new opportunities and increase their illicit earnings. ESET telemetry confirms this trend in an uptick in the number of unique clients who reported brute-force attack attempts blocked via ESET's network attack detection technology.

Exploits/Vulnerabilities

Driver Vulnerabilities Facilitate Attacks on ATMs, PoS Systems

Driver vulnerabilities can facilitate attacks on ATMs, point-of-sale (PoS) systems and other devices, firmware security company Eclypsium warned on Monday. Eclypsium last year analyzed device drivers from major vendors and found that over 40 drivers made by 20 companies contained serious vulnerabilities that could be exploited to deploy persistent malware. The firm now warns that the Windows drivers used in ATMs and PoS devices can be highly useful to threat actors targeting these types of systems.

On This Date

  • ...in 1908, an explosion in the sky near Russia's Tunguska River flattens thousands of miles of Siberian forest. The Tunguska event is the largest known meteor-related impact in recorded history.
  • ...in 1917, actress, singer, and civil rights activist Lena Horne is born in New York.
  • ...in 1953, the first Chevrolet Corvette rolls off the assembly line in Flint, MI.
  • ...in 1997, the United Kingdom transfers sovereignty over Hong Kong to the Chinese government.