IT Security Newsletter - 7/20/2021

Written by Cadre | Tue, Jul 20, 2021

16-Year-Old HP Printer-Driver Bug Impacts Millions of Windows Machines

Researchers have released technical details on a high-severity privilege-escalation flaw in HP printer drivers (also used by Samsung and Xerox), which impacts hundreds of millions of Windows machines. If exploited, cyberattackers could bypass security products, install programs, view, change, encrypt or delete data, or create new accounts with more extensive user rights. The bug (CVE-2021-3438) has lurked in systems for 16 years, researchers at SentinelOne said, but was only uncovered this year. READ MORE...

US charges four suspected Chinese spies who coordinated APT40 hackers

On Monday, the US, EU, UK, NATO and other allies publicly attributed the cyberattacks that compromised thousands of organizations earlier this year through Microsoft Exchange zero-day vulnerabilities to China's Ministry of State Security (MSS). The DOJ also charged four suspected MSS officers for supervising and coordinating a cyberespionage group tracked in the security industry as APT40. READ MORE...

Sweeping report details how NSO Group spyware leverages iOS software for surveillance

NSO Group's Pegasus spyware may be actively exploiting the most recent software in the iPhone 12 to monitor victims throughout the world, according to a sweeping new report from Amnesty International. "These most recent discoveries indicate NSO Group's customers are currently able to remotely compromise all recent iPhone models and versions of iOS," the group wrote in a report published on July 18. "We have reported this information to Apple, who informed us they are investigating the matter." READ MORE...

Fortinet fixes bug letting unauthenticated hackers run code as root

Fortinet has released updates for its FortiManager and FortiAnalyzer network management solutions to fix a serious vulnerability that could be exploited to execute arbitrary code with the highest privileges. Both FortiManager and FortiAnalyzer are enterprise-grade network management solutions for environments with up to 100,000 devices. They are available as a physical appliance, as a virtual machine, in the cloud, or hosted by Fortinet. READ MORE...

MosaicLoader Malware Delivers Facebook Stealers, RATs

A never-before-documented Windows malware strain dubbed MosaicLoader is spreading worldwide, acting as a full-service malware-delivery platform that's being used to infect victims with remote-access trojans (RATs), Facebook cookie stealers and other threats. That's according to Bitdefender researchers, who found that the loader is spreading indiscriminately worldwide through paid ads in search results, targeting people looking for pirated software and games. READ MORE...

FBI: Threat actors may be targeting the 2020 Tokyo Summer Olympics

The Federal Bureau of Investigation (FBI) warns of threat actors potentially targeting the upcoming Olympic Games, although evidence of attacks planned against the Olympic Games Tokyo 2020 is yet to be uncovered. "The FBI to date is not aware of any specific cyber threat against these Olympics, but encourages partners to remain vigilant and maintain best practices in their network and digital environments," the US intelligence service said in a private industry notification issued on Monday. READ MORE...

Don't Wanna Pay Ransom Gangs? Test Your Backups.

Browse the comments on virtually any story about a ransomware attack and you will almost surely encounter the view that the victim organization could have avoided paying their extortionists if only they'd had proper data backups. But the ugly truth is there are many non-obvious reasons why victims end up paying even when they have done nearly everything right from a data backup perspective. READ MORE...

Vulnerability Exposes MicroLogix PLCs to Remote DoS Attacks

A high-severity vulnerability affecting Rockwell Automation's MicroLogix 1100 programmable logic controllers (PLCs) can be exploited to cause a device to enter a persistent fault condition. According to advisories released this month by Rockwell and the U.S. Cybersecurity and Infrastructure Security Agency (CISA), a remote, unauthenticated attacker can exploit CVE-2021-33012 to cause a denial of service (DoS) condition on the targeted controller by sending it specially crafted commands. READ MORE...

  • ...in 1903, the Ford Motor Company ships its first automobile.
  • ...in 1932, Korean-American artist Nam June Paik, creator of the "Metrobot" sculpture standing outside Cincinnati's Contemporary Arts Center, is born in Seoul, South Korea.
  • ...in 1965, Bob Dylan releases the song "Like a Rolling Stone".
  • ...in 1969, Apollo 11's crew successfully makes the first manned landing on Earth's Moon, touching down on the Sea of Tranquility.