IT Security Newsletter - 7/15/2024
Dangerous monitoring tool mSpy suffers data breach, exposes customer details
In a new episode of Spy vs Spy, the mobile monitoring app mSpy has suffered a data breach that exposed information about millions of its customers. As Malwarebytes Labs has reported before, the types of companies that make mobile applications that enable users to non-consensually spy on and monitor other users are also, unsurprisingly, rather lax when it comes to their own security. This is the third known mSpy data breach since the company began in around 2010.
Rite Aid confirms data breach after June ransomware attack
Pharmacy giant Rite Aid confirmed a data breach after suffering a cyberattack in June, which was claimed by the RansomHub ransomware operation. Rite Aid is the third-largest drugstore chain in the United States, employing over 6,000 pharmacists (out of a total workforce of over 45,000) in more than 1,700 retail pharmacy stores across 16 states. The company told BleepingComputer on Friday that it's currently investigating a cyberattack detected in June.
Wallets tied to CDK ransom group received $25 million two days after attack
The ransomware group linked to a June cyberattack against auto industry software provider CDK Global received a payment of more than $25 million two days after the attack that hobbled software used by roughly 15,000 car dealerships in the U.S. became public, researchers told CyberScoop. A cryptocurrency wallet likely controlled by BlackSuit - the ransomware group believed to be responsible for the attack.
Netgear warns users to patch auth bypass, XSS router flaws
Netgear warned customers to update their devices to the latest available firmware, which patches stored cross-site scripting (XSS) and authentication bypass vulnerabilities in several WiFi 6 router models. The stored XSS security flaw (fixed in firmware version 1.0.0.72 and tracked as PSV-2023-0122) impacts the XR1000 Nighthawk gaming router. Successful attacks exploiting such weaknesses can let threat actors hijack user sessions.
Fake Microsoft Teams for Mac delivers Atomic Stealer
Competition between stealers for macOS is heating up, with a new malvertising campaign luring Mac users via a fraudulent advert for Microsoft Teams. This attack comes on the heels of the new Poseidon (OSX.RodStealer) project, another threat using a similar code base and delivery techniques. Based on our tracking, Microsoft Teams is once again a popular keyword threat actors are bidding on, and it is the first time we have seen it used by Atomic Stealer.
"Superhuman" Go AIs still have trouble defending against these simple exploits
In the ancient Chinese game of Go, state-of-the-art artificial intelligence has generally been able to defeat the best human players since at least 2016. But in the last few years, researchers have discovered flaws in these top-level AI Go algorithms that give humans a fighting chance. By using unorthodox "cyclic" strategies (ones that even a beginning human player could detect and defeat), a crafty human can often exploit gaps in a top-level AI's strategy and fool the algorithm into a loss.
Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)
The maintainers of the Exim mail transfer agent (MTA) have fixed a critical vulnerability (CVE-2024-39929) that currently affects around 1.5 million public-facing servers and can help attackers deliver malware to users. The vulnerability stems from a bug in RFC 2231 header parsing, and may allow remote attackers to bypass protection measures and deliver executable attachments directly to end-users' mailboxes.
Microsoft Says Windows Not Impacted by regreSSHion as Second OpenSSH Bug Is Found
A second remote code execution vulnerability was found recently in OpenSSH during an analysis of the flaw tracked as CVE-2024-6387 and named regreSSHion. The regreSSHion bug, discovered by researchers at cybersecurity firm Qualys, was believed to potentially impact millions of OpenSSH servers when it was disclosed. The second OpenSSH issue was discovered by Openwall founder Alexander Peslyak, aka Solar Designer.
- ...in 1799, the Rosetta Stone is found in Egypt by French Army officer Pierre-Francois Bouchard.
- ...in 1961, actor Forest Whitaker ("Bird", "The Last King of Scotland") is born in Longview, TX.
- ...in 1967, film effects designer and "MythBusters" co-host Adam Savage is born in New York City.
- ...in 2003, the Mozilla Foundation is established following the disbanding of its precursor company, Netscape.