IT Security Newsletter - 6/7/22
Italian city of Palermo shuts down all systems to fend off cyberattack
The municipality of Palermo in Southern Italy suffered a cyberattack on Friday, which appears to have had a massive impact on a broad range of operations and services to both citizens and visiting tourists. Palermo is home to about 1.3 million people, the fifth most populous city in Italy. The area is visited by another 2.3 million tourists every year. READ MORE...
Mandiant: "No evidence" we were hacked by LockBit ransomware
American cybersecurity firm Mandiant is investigating LockBit ransomware gang's claims that they hacked the company's network and stole data. The ransomware group published a new page on its data leak website earlier today, saying that the 356,841 files they allegedly stole from Mandiant will be leaked online. "All available data will be published!" the gang's dark web leak site threatens under a timer showing just under three hours left until the countdown ends. READ MORE...
Personal Information of Over 30,000 Students Exposed in Unprotected Database
The personal information of more than 30,000 students was found on an improperly secured Elasticsearch server, security researchers with SafetyDetectives report. The server, the researchers say, was left connected to the Internet and did not require a password to allow access to the data within. Thus, it exposed more than one million records representing the personally identifiable information (PII) of 30,000 to 40,000 students, the researchers estimate. READ MORE...
Ransomware gangs now give victims time to save their reputation
Threat analysts have observed an unusual trend in ransomware group tactics, reporting that initial phases of victim extortion are becoming less open to the public as the actors tend to use hidden or anonymous entries. By not disclosing the victim's name immediately, the ransomware operatives give their targets a more extended opportunity to negotiate the ransom payment in secrecy while still maintaining a level of pressure in the form of a future data leak. READ MORE...
Microsoft seizes 41 domains tied to 'Iranian phishing ring'
Microsoft has obtained a court order to seize 41 domains used by what the Windows giant said was an Iranian cybercrime group that ran a spear-phishing operation targeting organizations in the US, Middle East, and India. The Microsoft Digital Crimes Unit said the gang, dubbed Bohrium, took a particular interest in those working in technology, transportation, government, and education sectors: its members would pretend to be job recruiters to lure marks into running malware on their PCs. READ MORE...
Ransomware attacks setting new records
In 2022, the most prevalent ransomware trends include double-extortion, supply chain attacks, ransomware-as-a-service, ransomware rebranding, and geo-political incited ransomware attacks. The report details which industries are being targeted the most by cybercriminals, explains the damage caused by double-extortion and supply chain attacks, and catalogs the most active ransomware groups operating today. READ MORE...
Google Patches Critical Android Vulnerabilities With June 2022 Updates
Google this week announced that the latest Android patches resolve a total of 40 vulnerabilities, including several rated "critical." The most severe of the flaws addressed with the June 2022 security updates, Google says, impacts the System component and could lead to remote code execution (RCE). Tracked as CVE-2022-20127, the vulnerability impacts Android versions 10, 11, 12, and 12L. READ MORE...
- ...in 1946, the BBC resumes its television broadcasts, which had been suspended for the duration of WWII.
- ...in 1958, musician Prince Rogers Nelson, AKA Prince, is born in Minneapolis, MN.
- ...in 1975, Sony introduces the Betamax videocassette recorder for sale to the public.
- ...in 2018, the Mars Curiosity Rover finds organic matter in soil samples, indicating that Mars could have once supported living organisms.