<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 7/13/2021

SHARE

Breaches

Fashion retailer Guess discloses data breach after ransomware attack

American fashion brand and retailer Guess is notifying affected customers of a data breach following a February ransomware attack that led to data theft. "A cybersecurity forensic firm was engaged to assist with the investigation and identified unauthorized access to Guess' systems between February 2, 2021 and February 23, 2021," the company said in breach notification letters mailed to impacted customers. READ MORE...

Hacking

FBI warns hackers are targeting cryptocurrency wallets and exchanges

The FBI has sounded an alert amongst owners of cryptocurrency, digital currency exchanges, and cryptocurrency payment platforms that their virtual riches are being actively targeted by malicious hackers. As Bleeping Computer reports, the FBI has warned those who hold or handle large amounts of cryptocurrency that cybercriminals are using a variety of methods in their attempts to steal fortunes. READ MORE...

Software Updates

SolarWinds Issues Hotfix for Zero-Day Flaw Under Active Attack

SolarWinds has issued a hotfix for a zero-day remote code execution (RCE) vulnerability already under active, yet limited, attack on some of the company's customers. Microsoft alerted the company about the flaw, which affects its Serv-U Managed File Transfer Server and Serv-U Secured FTP products. Specifically, the vulnerability exists in the latest Serv-U version 15.2.3 HF1 released on May 5 of this year, as well as all prior versions, the company said in a security advisory posted over the weekend. READ MORE...


Kaseya Patches Zero-Days Used in REvil Attacks

Kaseya made good on its promise to issue patches by July 11. On Saturday, the company behind the Virtual System/Server Administrator (VSA) platform that got walloped by the REvil ransomware-as-a-service (RaaS) gang in a massive supply-chain attack released urgent updates to address critical zero-day security vulnerabilities in VSA. Kaseya released the VSA 9.5.7a (9.5.7.2994) update to fix three zero-day vulnerabilities used in the ransomware attacks. READ MORE...

Malware

New BIOPASS malware live streams victim's computer screen

Hackers compromised gambling sites to deliver a new remote access trojan (RAT) called BIOPASS that enables watching the victim's computer screen in real time by abusing popular live-streaming software. Apart from the unusual feature, which comes on top of the regular functions seen in RATs, the malware can also steal private data from web browsers and instant messaging applications. READ MORE...

Information Security

Impersonations of Military Members on Social Media On the Rise

Social media companies intentionally make it very easy to set up new accounts and profiles. After all, the greater the number of users, the more the company is worth. This poses some challenges for the way the public forms opinions about the Defense Department. You see, the same convenience that allows you to join a new social network with no hassle has enabled online scammers to set up profiles impersonating members of the military, a trend that's rising rapidly. READ MORE...

Exploits/Vulnerabilities

Authentication bypass allows complete takeover of Modicon PLCs used across industries

Several programmable logic controllers (PLCs) from Schneider Electric's Modicon series that automate industrial processes in factories, energy utilities, HVAC systems and other installations are impacted by a flaw that could allow hackers to bypass their authentication mechanism and execute malicious code. According to researchers from security firm Armis, who found and reported the vulnerability, attackers with network access to impacted controllers could exploit the issue to install malware. READ MORE...

On This Date

  • ...in 1923, the Hollywood sign (which read "Hollywoodland" until 1949) is officially dedicated in Los Angeles.
  • ...in 1940, actor Sir Patrick Stewart ("Star Trek: The Next Generation", "X-Men") is born in Yorkshire, England.
  • ...in 1942, actor Harrison Ford ("Raiders of the Lost Ark", "Star Wars") is born in Chicago, IL.
  • ...in 1973, Queen release their self-titled debut album.