IT Security Newsletter - 6/6/2023
Worries mount for MOVEit vulnerability, as likelihood of compromise expands
The aftermath from the actively exploited zero-day vulnerability in MOVEit, the latest in a series of attacks targeting file-transfer services this year, bears the markings of widespread compromise for potentially thousands of customers. A spree of attacks observed by multiple cybersecurity firms has amplified concerns and captured the attention of cyber authorities, threat researchers and analysts since the zero-day vulnerability was disclosed by Progress Software on Wednesday.
Vice Society: The #1 cyberthreat to schools, colleges, and universities
According to a recent Malwarebytes Threat Brief, in the last 12 months, the Vice Society ransomware gang has conducted more known attacks against education targets globally, and in the USA and the UK individually, than any other ransomware group. Although attacks on education have been a staple of the ransomware ecosystem for years, Vice Society appears to have specialised in delivering misery to schools, colleges, and universities in a highly unusual way.
Crypto catastrophe strikes some Atomic Wallet users, over $35M thought stolen
As much as $35 million worth of cryptocurrency may have been stolen in a large-scale attack on Atomic Wallet users, with one investigator claiming losses could potentially exceed $50 million. The Atomic Wallet app's makers first reported June 3 that some folks were complaining some crypto had been taken from their wallets and deposited in strangers' accounts, with others saying their wallets had been emptied completely.
US Aerospace Contractor Hacked With 'PowerDrop' Backdoor
Hackers utilizing native Windows tools have managed to infect at least one US defense contractor with a novel backdoor, which could have paved the way for additional malware implantation or worse. In a report published June 6, researchers from Adlumin nicknamed the backdoor "PowerDrop," after a "DRP" string used in the code, and because it's based in PowerShell - the dual command shell-plus-scripting language.
Academics, media, and think tanks warned of North Korean hacking campaign
North Korean state-sponsored hackers are targeting think tanks, research centres, media organisations, and academics in the United States and South Korea to gather intelligence. The notorious Kimsuky hacking group (also known as Velvet Chollima, Thallium, or Black Banshee) are posing as journalists to steal information in spear-phishing campaigns, according to a warning issued last week.
Play ransomware gang compromises Spanish bank, threatens to leak files
Ransomware is creating additional work for a major Spanish bank. Globalcaja, said to have more than 300 offices in Spain and close to half a million customers, has fallen victim to the Play ransomware gang. The gang claim to have swiped both private and personal information in the attack (including passport scans, contracts, and client / employee documents), which happened last week, but have not revealed exactly how much has been taken. The bank released a statement on June 2, which reads as follows:
Google Patches Third Chrome Zero-Day of 2023
Google on Monday released a Chrome 114 security update that patches the third zero-day vulnerability found in the web browser in 2023. Google said the latest version of Chrome patches two flaws, including CVE-2023-3079, a type confusion issue affecting the V8 JavaScript engine. The internet giant noted that the vulnerability, discovered on June 1, has been exploited in the wild, but has not shared any information on the attacks.
KeePass v2.54 fixes bug that leaked cleartext master password
KeePass has released version 2.54, fixing the CVE-2023-32784 vulnerability that allows the extraction of the cleartext master password from the application's memory. When creating a new KeePass password manager database, users must create a master password, which is used to encrypt the database. When opening the database in the future, users are required to enter this master key to decrypt it and access the credentials stored within it.
Moonlighter Satellite Offers In-Orbit Target for Space Hackers
Satellite hacking is set to blast off to new frontiers when Moonlighter, billed as the "world's first and only hacking sandbox in space," is launched into low-Earth orbit (LEO) this August. Moonlighter will be part of Hack-A-Sat 4, an annual space security challenge timed with DEF CON that's hosted jointly by the US Air Force and Space Force. This is the first year that finalists can target a real satellite in orbit rather than a simulation.
- ...in 1892, Chicago's elevated rail rapid transit system, popularly known as the "L", begins operation.
- ...in 1932, the first gasoline tax was enacted with the Revenue Act of 1932, at a rate of 1 cent per gallon.
- ...in 1933, the first drive-in theater opens in Camden, NJ.
- ...in 1944, Allied forces land at the beaches of Normandy, commencing Operation Overlord, better known as "D-Day," the largest amphibious operation in history.