IT Security Newsletter

IT Security Newsletter - 6/10/2024

Written by Cadre | Mon, Jun 10, 2024

Microsoft Bows to Public Pressure, Disables Controversial Windows Recall by Default

The feature, widely panned as a security and privacy risk, was turned on by default and required users to go through checkboxes to opt out of the software that uses AI to create a searchable digital memory of everything ever done on a Windows computer. Just this week, security researchers documented several ways malware could be designed to steal Windows Recall data and Google Project Zero researcher James Forshaw provided evidence that Windows Recall data is poorly protected on Windows. READ MORE...

New York Times source code stolen using exposed GitHub token

Internal source code and data belonging to The New York Times was leaked on the 4chan message board after being stolen from the company's GitHub repositories in January 2024, The Times confirmed to BleepingComputer. As first seen by VX-Underground, the internal data was leaked on Thursday by an anonymous user who posted a torrent to a 273GB archive containing the stolen data. "Basically all source code belonging to The New York Times Company, 270GB," reads the 4chan forum post. READ MORE...

Frontier Communications says cyberattack snagged data from 751,000 people

Frontier Communications said an April cyberattack exposed the personal data of more than 751,000 people, in a disclosure with the Maine Attorney General. Frontier previously said a suspected cybercrime group was behind the attack and noted the attack led to a disruption of its operations, which could be deemed to be material, according to the April filing with the Securities and Exchange Commission. READ MORE...

The number of known Snowflake customer data breaches is rising

LendingTree subsidiary QuoteWizard and automotive parts provider Advance Auto Parts have been revealed as victims of attackers who are trying to sell data stolen from Snowflake-hosted cloud databases. Snowflake says that their investigation is still ongoing, but continues to stand by the preliminary results: the attackers accessed customer accounts secured with single-factor authentication by leveraging credentials "previously purchased or obtained through infostealing malware." READ MORE...

16-year-old arrested in France in connection with high-profile Epsilon hacking group attacks

A 16-year-old youth has been arrested in France on suspicion of having run a malware-for-rent business. The unnamed Frenchman, who goes by online handles including "ChatNoir" and "Casquette", is said to be a key member of the Epsilon hacking group, which has in the recent past stolen millions of records from the likes of French tech hardware store LDLC, exfiltrated a database containing details of over 4 million customers from the Sport 2000 group, and hijacked broadcast social networks. READ MORE...

'Sticky Werewolf' APT Stalks Aviation Sector

A threat actor is using layered infection chains to compromise organizations involved with Russia's aviation industry. The advanced persistent threat (APT) known as "Sticky Werewolf" has been around since at least April 2023, and it seems to be interested in espionage relating to the conflict between Russia and Ukraine. Early reporting indicated that the group was targeting public organizations in Russia and Belarus, but recent targets have included a drug company and research institute. READ MORE...

PHP Patches Critical Remote Code Execution Vulnerability

A critical vulnerability in PHP could allow remote attackers to execute arbitrary code on vulnerable servers, cybersecurity firm Devcore warns. The issue, tracked as CVE-2024-4577, exists because, in certain configurations, it is possible to inject arguments remotely in PHP on Windows. Specifically, the flaw can be exploited on Windows servers using Apache and PHP-CGI, when the system is set to use certain code pages. READ MORE...

Cisco fixes WebEx flaw that allowed government, military meetings to be spied on

Cisco squashed some bugs this week that allowed anyone to view WebEx meeting information and join them, potentially opening up security and privacy concerns for highly sensitive meets. The issues first came to light on May 4 when German news outlet Zeit Online published an investigation into the issues which saw it able to view the meeting details of circa 10,000 Dutch government conference calls. READ MORE...

Akira: Perhaps the next big thing in ransomware, says Tidal threat intelligence chief

It might not be as big a name as BlackCat or LockBit, but the Akira ransomware is every bit as dangerous, says one cybersecurity researcher - and it's poised to make a big impact. Scott Small, director of cyber threat intelligence at Tidal Cyber, said that most of what Akira is doing is pretty routine for a cyber-crime gang. Regardless, Small warns not to underestimate the crew, who he said is "very much a skilled group." READ MORE...

  • ...in 1776, the Continental Congress appoints a committee to write a Declaration of Independence.
  • ...in 1920, the Republican Party convention in Chicago endorses women's suffrage.
  • ...in 1940, Italy declares war on France and Great Britain.
  • ...in 1944, Cincinnati Reds pitcher Joe Nuxhall makes his major league baseball debut and becomes the youngest player in history at the age of 15.