IT Security Newsletter - 7/17/2024
Ransomware Attack Disrupts Bassett Furniture Manufacturing Facilities
Virginia-based furniture manufacturer and retailer Bassett Furniture was recently targeted in a ransomware attack that caused significant disruptions, including in the company's manufacturing facilities. The company revealed this week in a filing with the SEC that it detected unauthorized access to its IT systems on July 10. Bassett Furniture said the threat actor disrupted its business operations by encrypting "some data files".
Email addresses of 15 million Trello users leaked on hacking forum
A threat actor has released over 15 million email addresses associated with Trello accounts that were collected using an unsecured API in January. Trello is an online project management tool owned by Atlassian. Businesses commonly use it to organize data and tasks into boards, cards, and lists. In January, BleepingComputer reported that a threat actor known as 'emo' was selling profiles for 15,115,516 Trello members on a popular hacking forum.
Iran's MuddyWater phishes Israeli orgs with custom BugSleep backdoor
MuddyWater, an Iranian government-backed cyber espionage crew, has upgraded its malware with a custom backdoor, which it's used to target Israeli organizations. The gang has been linked to Iran's Ministry of Intelligence and Security (MOIS), which the US sanctioned in 2022 in response to its attacks against Albania and other "cyber-enabled activities against the United States and its allies."
Microsoft: Scattered Spider Widens Web With RansomHub & Qilin
Octo Tempest, a threat actor also known as Scattered Spider, has added RansomHub and Qilin to its repository for use in attacks, Microsoft's Threat Intelligence Team is warning. The gang, which first arrived on the scene in 2022, is known for its social engineering techniques, which Microsoft describes as sophisticated, as well as identity compromises, targeting of VMware ESXi servers, and deployment of BlackCat ransomware.
Snowflake Account Attacks Driven by Exposed Legitimate Credentials
Threat actors just pulled off one of the largest data breaches of 2024, and they didn't even have to hack into the company's environment. Their goal? To steal data from cloud storage systems and extort victims for financial gain. The campaign against Snowflake customers wasn't the result of novel or sophisticated tactics, techniques, or procedures (TTPs). Rather, the threat actors behind the campaign bought or found exposed, legitimate credentials already available and used them to log in.
Hello, is it me you're looking for? How scammers get your phone number
What might be one of the easiest ways to scam someone out of their money - anonymously, of course? Would it involve stealing their credit card data, perhaps using digital skimming or after hacking into a database of sensitive personal information? While effective, these methods may be resource-intensive and require some technical prowess. What about stealing payment info via fake websites?
AI device Rabbit r1 logged user interactions without an option to erase them before selling
Rabbit, the manufacturer of the Artificial Intelligence (AI) assistant r1, has issued a security advisory telling users it's found a potential security risk. If a user loses or sells their device, a person in possession of the r1 could potentially jailbreak the device and gain access to files that contain logging information, chats, and photos. Rabbit also says it is performing a full review of device logging practices to check whether additional technical controls are needed.
Void Banshee APT exploited "lingering Windows relic" in zero-day attacks
The zero-day exploit used to leverage CVE-2024-38112, a recently patched Windows MSHTML vulnerability, was wielded by an APT group dubbed Void Banshee to deliver malware to targets in North America, Europe, and Southeast Asia, threat hunters with Trend Micro's Zero Day Initiative have shared. As previously explained by Check Point researcher Haifei Li, the attackers used files that were specially crafted to exploit the vulnerability but were made to look like PDFs.
- ...in 1889, bestselling author Erle Stanley Gardner, creator of the original "Perry Mason" detective stories, is born in Malden, MA.
- ...in 1954, former German Chancellor Angela Merkel is born in Hamburg, West Germany.
- ...in 1955, Disneyland televises its grand opening in Anaheim, California.
- ...in 1995, NASDAQ stock index closes above the 1,000 mark for the first time.