IT Security Newsletter - 7/12/2021
Microsoft Office Users Warned on New Malware-Protection Bypass
Legacy users of Microsoft Excel are being targeted in a malware campaign that uses a novel malware-obfuscation technique to disable Office defenses and deliver the Zloader trojan. The attack, according to research published Thursday by McAfee, marries functions in Microsoft Office Word and Excel to work together to download the Zloader payload, without triggering an alert warning for end users of the malicious attack. READ MORE...
Mint Mobile hit by a data breach after numbers ported, data accessed
Mint Mobile has disclosed a data breach after an unauthorized person gained access to subscribers' account information and ported phone numbers to another carrier. According to the data breach notification email sent to affected subscribers this weekend, between June 8th and June 10th, a threat actor ported the phone numbers for a "small" number of Mint Mobile subscribers to another carrier without authorization. READ MORE...
Spreadshop hacked. T-shirt lovers warned of "considerably vicious" data breach
Clients of Spreadshirt, Spreadshop, and TeamShirts have been warned of a data breach which has seen the details of customers, partners, and employees fall into the lap of cybercriminals. News of the breach first emerged on Thursday when customers were warned by email of a "security incident" involving an "unauthorised third party." At the time, the print-on-demand T-shirt company said it was investigating what data might have been affected. READ MORE...
Spike in "Chain Gang" Destructive Attacks on ATMs
Last summer, financial institutions throughout Texas started reporting a sudden increase in attacks involving well-orchestrated teams that would show up at night, use stolen trucks and heavy chains to rip Automated Teller Machines (ATMs) out of their foundations, and make off with the cash boxes inside. Now it appears the crime - known variously as "ATM smash-and-grab" or "chain gang" attacks - is rapidly increasing in other states. READ MORE...
SolarWinds patches critical Serv-U vulnerability exploited in the wild
SolarWinds is urging customers to patch a Serv-U remote code execution vulnerability that was exploited in the wild by "a single threat actor" in attacks targeting a limited number of customers. The vulnerability (tracked as CVE-2021-35211) impacts Serv-U Managed File Transfer and Serv-U Secure FTP, and it enables remote threat actors to execute arbitrary code with privileges following successful exploitation. READ MORE...
Mitsubishi Electric Patches Vulnerabilities in Air Conditioning Systems
Mitsubishi Electric recently patched critical and high-severity vulnerabilities affecting many of its air conditioning products, mainly centralized controllers. Advisories describing the vulnerabilities were published this month by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Mitsubishi Electric. SecurityWeek has also obtained additional information from people involved in the discovery and disclosure of these flaws. READ MORE...
Ryuk ransomware is now targeting web servers
Security researchers have discovered a new variant of the Ryuk ransomware that is targeting web servers. According to a blog post by Marc Elias, a security researcher on the McAfee Advanced Threat Research team, Ryuk ransomware has shifted its attention to web servers since it no longer encrypts the index file but replaces it with the ransom note instead. Elias said that the Ryuk infection chain usually starts with a spear phishing email that includes a malicious URL or Office document. READ MORE...
The FBI's honeypot Pixel 4a gets detailed in new report
Last month, authorities disclosed that the FBI and Australian Federal Police secretly operated an "encrypted device company" called "Anom." The company sold 12,000 smartphones to criminal syndicates around the world. These were pitched as secure devices but were actually honeypot devices that routed all messages to an FBI-owned server. The disclosure was light on details, but now that it's public, Anom phones are being unloaded on the secondary market. READ MORE...
How one word can disable an iPhone's WiFi functionality
A researcher has found a way to disable the WiFi functionality on iPhones by getting them to join a WiFi hotspot with a weird name. This shouldn't be happening. The first thing you learn in coding school when it comes to input (which is literally any data a device has to do something with) is to validate it. Well, maybe not the first thing, but if you want to practice secure coding it is one of the most important things: Make sure that a hacker can not abuse your application by feeding it something it can't digest. READ MORE...
- ...in 1862, the Medal of Honor is established by President Lincoln.
- ...in 1895, architect and engineer Buckminster Fuller, best-known for popularizing the geodesic dome, is born in Milton, MA.
- ...in 1962, the Rolling Stones make their first public appearance with a gig at London's Marquee Club.
- ...in 1967, President Eisenhower becomes the first U.S. President to travel by helicopter.