IT Security Newsletter - 7/11/2024
Ticket Heist fraud gang uses 700 domains to sell fake Olympics tickets
A large-scale fraud campaign with over 700 domain names is likely targeting Russian-speaking users looking to purchase tickets for the Summer Olympics in Paris. The operation offers fake tickets to the Olympic Games and appears to take advantage of other major sports and music events. Researchers analyzing the campaign are calling it Ticket Heist and found that some of the domains were created in 2022 and the threat actor kept registering an average of 20 new ones every month.
Advance Auto Parts: 2.3M people's data accessed when crims broke into our Snowflake account
Advance Auto Parts' CISO just revealed for the first time the number of individuals affected when criminals broke into its Snowflake instance - a hefty 2.3 million. Ethan Steiger notified Maine's Attorney General on Wednesday of the extent of the damage - numbering this at 2,316,591 exactly - and the letter sent to victims confirms that the data potentially stolen includes names, dates of birth, social security numbers, and driver's license or other ID document numbers.
Exposed! The AI-enhanced social media bot farm that pumped out Kremlin propaganda on Twitter
The US Justice Department, working in coordination with Canadian and Dutch authorities, has seized two domain names which it claims were being used by Russian-backed hackers to spread disinformation on social media. The FBI has issued a joint cybersecurity advisory with its international partners, detailing the make-up of an AI-enhanced social media bot farm that was used to spread propaganda around the world.
VMware Patches Critical SQL-Injection Flaw in Aria Automation
Broadcom-owned VMware on Wednesday pushed out patches for a high-risk SQL-injection vulnerability in its Aria Automation product and warned that an authenticated malicious user could target the flaw to manipulate databases. The vulnerability, tracked as CVE-2024-22280, allows for unauthorized read and write operations in the database through specially crafted SQL queries, VMware said in an advisory with a "high-severity" rating.
Palo Alto Networks Addresses BlastRADIUS Vulnerability, Fixes Critical Bug in Expedition Tool
Palo Alto Networks on Wednesday released patches for multiple vulnerabilities, including a critical-severity bug in its Expedition migration tool. Tracked as CVE-2024-5910 (CVSS score of 9.3), the security defect is described as a missing authentication for a critical function, which could allow attackers to take over administrative accounts. On Wednesday, the cybersecurity giant also resolved a high-severity issue in Panorama software.
Japanese space agency spotted zero-day attacks while cleaning up attack on M365
The Japanese Space Exploration Agency (JAXA) discovered it was under attack using zero-day exploits while working with Microsoft to probe a 2023 cyberattack on its systems. JAXA's systems came under attack in late 2023, with its Active Directory implementation taking the brunt of it. An investigation ensued, and saw networks taken offline to verify that no classified data on rockets, satellites, or national security was compromised.
CISA, FBI Urge Immediate Action on OS Command Injection Vulnerabilities in Network Devices
CISA and the FBI on Wednesday issued a joint alert on exploitation of OS command injection vulnerabilities in network edge devices. Published in response to recent intrusions exploiting CVE-2024-20399 (Cisco NX-OS), CVE-2024-3400 (Palo Alto Networks PAN-OS), and CVE-2024-21887 (Ivanti Connect Secure), CISA and the FBI are urging business leaders and device manufacturers to eliminate OS command injection vulnerabilities at the source.
- ...in 1656, Ann Austin and Mary Fisher become the first Quakers to immigrate to the American colonies when the ship carrying them lands at Boston.
- ...in 1804, Treasury Secretary Alexander Hamilton is shot and killed in a duel by his long-time political adversary, Vice President Aaron Burr.
- ...in 1914, in his major league debut, George Herman "Babe" Ruth pitches seven strong innings to lead the Boston Red Sox over the Cleveland Indians, 4-3.
- ...in 1979, five years after its last manned mission, parts of the Skylab space station re-enter Earth's atmosphere, crash-landing in Australia and the Indian Ocean.