IT Security Newsletter - 7/18/2024

Breaches

MarineMax Notifying 123,000 of Data Breach Following Ransomware Attack

Boat dealer MarineMax is informing more than 123,000 individuals about a data breach resulting from a ransomware attack launched against the company earlier this year. The incident came to light in March, when MarineMax, one of the world's largest retailers of recreational boats and yachts, revealed in an SEC filing that it was targeted in a cyberattack that had caused some disruption.

Hacking

Ransomware attacks are hitting energy, oil and gas sectors especially hard, report finds

Ransomware attacks are hitting energy and oil and gas sectors harder, costing utilities more in recovery time and funding as victims appear increasingly willing to pay ransom demands, according to a new report from the cybersecurity firm Sophos. The report looks at ransomware impacts to critical infrastructure organizations and is based on more than 200 responses from a wider survey of 5,000 cybersecurity and IT leaders taken in January and February.


DPRK Hackers Tweak Malware to Lure MacOS Users into Video Calls

Well known for targeting victims with fake job postings, North Korea state-sponsored hackers have been discovered using a new variant of their BeaverTail malware to trick macOS users into downloading a malicious version of Microtalk, a video-calling service. Details about the latest campaign were published by cybersecurity researcher Patrick Wardle, who explained that the threat actors likely lured their victims into downloading [the malware] by asking them to join a job interview.

Malware

HardBit Ransomware - What You Need to Know

A new strain of the HardBit ransomware has emerged in the wild. It contains a protection mechanism in an attempt to prevent analysis from security researchers. HardBit first emerged in late 2022, and quickly made a name for itself as it attempted to extort ransom payments from corporations whose data it had encrypted. In many ways, HardBit is like other ransomware. It is a ransomware-as-a-service (RaaS) operation made available - at a price - to other online criminals.


Notorious FIN7 hackers sell EDR killer to other threat actors

The notorious FIN7 hacking group has been spotted selling its custom "AvNeutralizer" tool, used to evade detection by killing enterprise endpoint protection software on corporate networks. FIN7 is believed to be a Russian hacking group that has been active since 2013, initially focusing on financial fraud by hacking organizations and stealing debit and credit cards. They later moved into the ransomware space and were linked with the DarkSide and BlackMatter ransomware-as-a-service platforms.

Information Security

Cloudflare Reports that Almost 7% of All Internet Traffic Is Malicious

However, Distributed Denial of Service (DDoS) attacks continue to be cybercriminals' weapon of choice, making up over 37% of all mitigated traffic. The scale of these attacks is staggering. In the first quarter of 2024 alone, Cloudflare blocked 4.5 million unique DDoS attacks. That total is nearly a third of all the DDoS attacks they mitigated the previous year. But it's not just about the sheer volume of DDoS attacks.


Threat Actors Ramp Up Use of Encoded URLs to Bypass Secure Email

Secure email gateways (SEG) do a lot to protect organizations from malware, spam, and phishing email. For some threat actors though, they also offer an attractive option for sneaking malicious mail past other SEGs. Security researchers from Cofense this week reported observing a recent surge in attacks, where threat actors have used SEGs to encode or to rewrite malicious URLs embedded in their emails to potential victims.

Exploits/Vulnerabilities

Port Shadow Attack Allows VPN Traffic Interception, Redirection

A team of researchers warns that VPNs are affected by a vulnerability that can be exploited to launch man-in-the-middle (MitM) attacks, enabling threat actors to intercept and redirect traffic. The research was conducted by representatives of Arizona State University, University of New Mexico, University of Michigan, and the University of Toronto's Citizen Lab. The attack technique, named Port Shadow and tracked as CVE-2021-3773, builds on research first presented in 2021.

On This Date

  • ...in 1921, Marine aviator, astronaut, and US Senator John Glenn is born in Cambridge, OH. He was the first American astronaut to orbit the Earth on the Mercury-Atlas 6 mission.
  • ...in 1940, President Franklin Delano Roosevelt is nominated for an unprecedented third term.
  • ...in 1968, microprocessor manufacturer Intel is founded in Mountain View, CA.
  • ...in 1976, Romanian gymnast Nadia Comaneci becomes the first Olympic competitor to score a perfect 10 in a gymnastics event.