IT Security Newsletter - 6/5/2023
Burton Snowboards discloses data breach after February attack
Leading snowboard maker Burton Snowboards confirmed notified customers of a data breach after some of their sensitive information was "potentially" accessed or stolen during what the company described in February as a "cyber incident." The attack was discovered by Burton on February 11 after causing a "system outage" and forcing the company to cancel online orders. READ MORE...
Australian cyber-op attacked ISIL with the terrifying power of Rickrolling
Australia's Signals Directorate, the signals intelligence organization, has revealed it employed zero-click attacks on devices used by fighters for Islamic State of Iraq and the Levant (ISIL) - then unleashed the terrifying power of Rick Astley. The documentary, BREAKING the CODE: Cyber Secrets Revealed, reveals that the Directorate (ASD) developed three payloads it could deploy to ISIL fighters' smartphones and PCs "without ISIL having to interact with the device in any way." READ MORE...
Hackers hijack legitimate sites to host credit card stealer scripts
A new Magecart credit card stealing campaign hijacks legitimate sites to act as "makeshift" command and control (C2) servers to inject and hide the skimmers on targeted eCommerce sites. A Magecart attack is when hackers breach online stores to inject malicious scripts that steal customers' credit cards and personal information during checkout. According to Akamai's researchers monitoring this campaign, it has compromised organizations in the United States, the United Kingdom, Australia, Brazil, Peru, and Estonia. READ MORE...
Gigabyte Rolls Out BIOS Updates to Remove Backdoor From Motherboards
Taiwanese computer components maker Gigabyte has announced BIOS updates meant to remove a backdoor feature that was recently found in hundreds of its motherboards. The issue, disclosed last week by firmware and hardware security company Eclypsium, is that the firmware of more than 270 Gigabyte motherboards drops a Windows binary that is executed at boot-up to fetch and execute a payload from Gigabyte's servers. READ MORE...
Google's Android and Chrome extensions are a very sad place. Here's why
No wonder Google is having trouble keeping up with policing its app store. Since Monday, researchers have reported that hundreds of Android apps and Chrome extensions with millions of installs from the company's official marketplaces have included functions for snooping on user files, manipulating the contents of clipboards, and injecting deliberately unknown code into webpages. READ MORE...
Qbot malware adapts to live another day … and another …
The Qbot malware operation - which started more than a decade ago as banking trojan only to evolve into a backdoor and a delivery system for ransomware and other threats - continues to deftly adapt its techniques to stay ahead of security pros, according to a new report. Most recently, the operators behind Qbot - also known as Qakbot and Pinkslipbot - this year have shown new methods for delivering malware and a highly adaptable command-and-control (C2) infrastructure. READ MORE...
'Picture-in-Picture' Obfuscation Spoofs Delta, Kohl's for Credential Harvesting
Hackers are turning to obfuscation tactics relying on glossy advertising photos from Delta Airlines and retailer Kohl's, tricking users into visiting credential harvesting sites and giving up personal information. A recent campaign analyzed by Avanan showed how threat actors hide malicious links behind convincing photos offering gift cards and loyalty programs from such trusted brands. More broadly, the campaign is part of a larger trend of cybercrooks updating old tactics to make phishes more convincing. READ MORE...
- ...in 1933, President Franklin D. Roosevelt takes the United States off of the gold standard.
- ...in 1968, Senator and presidential candidate Robert Kennedy is assassinated at the Ambassador Hotel in Los Angeles, after winning the California Democratic primary.
- ...in 2010, multi-championship winning basketball coach John Wooden passes away at the age of 99.
- ...in 2014, Chester Nez, WWII veteran and last of the original Navajo "code talkers", dies at 93 years old.