IT Security Newsletter - 7/16/2024
Disney Investigating Hacker Group's Data Theft Claims
Disney has launched an investigation after a hacker group leaked data allegedly belonging to the entertainment giant. The hackers, calling themselves NullBulge and claiming to be hacktivists, announced on Friday on a popular hacking forum that they obtained 1.1 Tb of data that allegedly comes from Disney's internal Slack channels. The leaked data, which has yet to be verified, allegedly includes messages and files from 10,000 channels.
AutoNation Says CDK Global Ransomware Attack Impacted Earnings
The recent ransomware attack that disrupted CDK Global's systems has had a negative impact on AutoNation's quarterly earnings, the car dealership company said in a regulatory filing. The attack occurred on June 19 and affected CDK Global systems supporting the management systems of thousands of car dealers across the US. CDK Global provides customer relationship management, dealer management, finance and insurance, intelligence, network and communication, and retail services.
Snowflake-linked attack on Advance Auto Parts exposes 2.3 million people
Advance Auto Parts said the personal information of more than 2.3 million people was exposed by a cyberattack on its Snowflake environment, according to a data breach disclosure letter filed Wednesday with the Office of the Maine Attorney General. An attacker intruded Advance Auto Parts' Snowflake environment on April 14 and maintained unauthorized access until May 24, the auto parts retailer said in the disclosure.
ChatGPTriage: How can CISOs see and control employees' AI use?
It's been less than 18 months since the public introduction of ChatGPT, which gained 100 million users in less than two months. Given the hype, you would expect enterprise adoption of generative AI to be significant, but it's been slower than many expected. A recent survey by Telstra and MIT Review showed that while 75% of enterprises tested GenAI last year, only 9% deployed it widely. The primary obstacle? Data privacy and compliance.
DarkGate, the Swiss Army knife of malware, sees boom after rival Qbot crushed
The DarkGate malware family has become more prevalent in recent months, after one of its main competitors was taken down by the FBI. The malware was discovered by endpoint security outfit enSilo's security maven Adi Zeligson in 2018 - but it has evolved over the years. The most recent version, spotted by Spamhaus in late January, added new capabilities. The software nasty, whose developer goes by the moniker RastaFarEye, can be used for everything from keylogging to data theft.
Kaspersky Leaving US Following Government Ban
Russian cybersecurity firm Kaspersky has decided to shut down operations in the United States following the Commerce Department's recent announcement that the company will soon no longer be allowed to sell its software in the country. Kaspersky said on Monday that it will gradually wind down its US operations starting on July 20, 2024. The company is laying off employees in the United States, but said less than 50 people are impacted.
Firmware update hides Bluetooth fingerprints
A smartphone's unique Bluetooth fingerprint could be used to track the device's user, until now. A team of researchers has developed a simple firmware update that can completely hide the Bluetooth fingerprint, eliminating the vulnerability. The method was developed by a team of researchers at the University of California San Diego. The team discovered the vulnerability caused by Bluetooth fingerprints in a study they presented at the 2022 IEEE Security & Privacy conference.
Here's how carefully concealed backdoor in fake AWS files escaped mainstream notice
Researchers have determined that two fake AWS packages downloaded hundreds of times from the open source NPM JavaScript repository contained carefully concealed code that backdoored developers' computers when executed. The packages, img-aws-s3-object-multipart-copy and legacyaws-s3-object-multipart-copy, were attempts to appear as aws-s3-object-multipart-copy, a legitimate JavaScript library for copying files using Amazon's S3 cloud service.
Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks
At least a dozen organizations with domain names at domain registrar Squarespace saw their websites hijacked last week. Squarespace bought all assets of Google Domains a year ago, but many customers still haven't set up their new accounts. Experts say malicious hackers learned they could commandeer any migrated Squarespace accounts that hadn't yet been registered, merely by supplying an email address tied to an existing domain.
Record labels sue Verizon for not disconnecting pirates' Internet service
Major record labels sued Verizon on Friday, alleging that the Internet service provider violated copyright law by continuing to serve customers accused of pirating music. Verizon "knowingly provides its high-speed service to a massive community of online pirates," said the complaint filed in US District Court for the Southern District of New York. Universal, Sony, and Warner say they have sent over 340,000 copyright infringement notices to Verizon since early 2020.
- ...in 1790, Congress declares Washington, D.C. the new capital.
- ...in 1945, at 5:29:45 a.m., the Manhattan Project comes to an explosive end as the first atom bomb is successfully tested in Alamogordo, New Mexico.
- ...in 1951, J.D. Salinger's only novel, "The Catcher in the Rye", is published.
- ...in 1969, Apollo 11 is launched from the Kennedy Space Center in Merritt Island, FL.