<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter

Get the latest headlines, summaries, and security news!

IT Security Newsletter - 6/7/2021

Top News

This is not a drill: VMware vuln with 9.8 severity rating is under attack

A VMware vulnerability with a severity rating of 9.8 out of 10 is under active exploitation. At least one reliable exploit has gone public, and there have been successful attempts in the wild to compromise servers that run the vulnerable software. The vulnerability, tracked as CVE-2021-21985, resides in the vCenter Server, a tool for managing virtualization in large data centers. READ MORE...

Breaches

Tokyo Olympics organizers' data swept up in Fujitsu hack: report

The organizing committee of the Tokyo Olympics is the latest victim of a breach in which hackers broke into a Japanese government contractor's data-sharing tool, according to a Japanese media report. The breach affected some 170 people who participated in a cybersecurity drill ahead of the Olympic Games next month, Kyodo News reported. The leaked data included the names and affiliations of people from 90 organizations involved in hosting the Olympics, according to the outlet. READ MORE...

Hacking

Cyberattack Suspected in Cox TV and Radio Outages

A reported ransomware attack on Cox Media Group (CMG) has crippled streaming and other internal operations of dozens of radio and television stations scattered across America's 20 broadcast markets. CMG has won't comment on the reported attack and hasn't responded to a request for comment. A member of Atlanta's WSB-TV news team, a Cox affiliate impacted by the outage, also declined to provide Threatpost with an update on operations and referred media inquiries to CMG corporate. READ MORE...


REvil Ransomware Gang Spill Details on US Attacks

Cybercriminals behind the JBS Foods ransomware attack claim they had no intent to target United States-based firms. The group, identified as the Sodinokibi REvil ransomware gang, also said it was not afraid of being labeled a cyber-terrorist group. A spokesperson for REvil shared its positions in an interview on a YouTube and Telegram channel called Russian OSINT early Friday. READ MORE...

Malware

New Evil Corp ransomware mimics PayloadBin gang to evade US sanctions

The new PayloadBIN ransomware has been attributed to the Evil Corp cybercrime gang, rebranding to evade sanctions imposed by the US Treasury Department's Office of Foreign Assets Control (OFAC). The Evil Corp gang, also known as Indrik Spider and the Dridex gang, started as an affiliate for the ZeuS botnet. Over time, they formed a group that focused on distributing the banking trojan and downloader called Dridex via phishing emails. READ MORE...


Latvian woman charged with writing malware for the Trickbot Group

The US Department of Justice (DOJ) just announced that it has charged a 55-year-old Latvian woman, who went by the moniker of Max, with malware-writing crimes. Max, whose real name is apparently Alla Witte, is the sixth of seven defendants listed in the DOJ's indictment, along with ten other unknown individuals identified only as CC8 to CC17. (CC is short for co-conspirator.) READ MORE...

Information Security

Amazon Sidewalk starts sharing your WiFi tomorrow, thanks

Amazon smart device owners only have until June 8 to opt out of a new program that will group their Echo speakers and Ring doorbells into a shared wireless network with their neighbors, a new feature that the shopping giant claims will provide better stability for smart devices during initial setup and through possible Internet connectivity problems. READ MORE...

Exploits/Vulnerabilities

Energy Chief Cites Risk of Cyberattacks Crippling Power Grid

Energy Secretary Jennifer Granholm on Sunday called for more public-private cooperation on cyber defenses and said U.S. adversaries already are capable of using cyber intrusions to shut down the U.S. power grid. "I think that there are very malign actors who are trying," she said. She added: "Even as we speak, there are thousands of attacks on all aspects of the energy sector and the private sector generally." READ MORE...

Science & Culture

Remember Anonymous? They might be back, and they're angry with Elon Musk

Entities using the name and iconography of hacktivist collective Anonymous have deemed Elon Musk's recent crypto-tweeting worthy of a re-emergence. A new video that uses the group's trademark Guy Fawkes mask and a digitised voice opens by voicing appreciation for Musk's contributions to space exploration and electric car production, but then accuses him of being "nothing more than another narcissistic rich dude who is desperate for attention." READ MORE...

On This Date

  • ...in 1946, the BBC resumes its television broadcasts, which had been suspended for the duration of WWII.
  • ...in 1958, musician Prince Rogers Nelson, AKA Prince, is born in Minneapolis, MN.
  • ...in 1975, Sony introduces the Betamax videocassette recorder for sale to the public.
  • ...in 2018, the Mars Curiosity Rover finds organic matter in soil samples, indicating that Mars could have once supported living organisms.