IT Security Newsletter - 7/21/2021
Law Firm to the Fortune 500 Breached with Ransomware
Campbell Conroy & O'Neil, P.C. - U.S. law firm to a dazzling array of huge companies - told its star-studded clientele that an intruder may have groped their data. It was hit with ransomware in February and is now suffering the data-breach fallout. That client list spans a slew of industries and includes the likes of Apple, Boeing, British Airways, Chrysler, Exxon Mobil, Fisher-Price, Ford, Honda, IBM, Jaguar, Monsanto, Toyota and US Airways - to name just a few. READ MORE...
French Launch NSO Probe After Macron Believed Spyware Target
French lawmakers have launched an investigation into Israeli offensive cybersecurity company NSO Group after they learned French President Emmanuel Macron topped a list of 14 heads of states potentially targeted by the company's spyware. Amnesty International said Tuesday the French leader was a potential spyware target, along with presidents Imran Khan of Pakistan, Cyril Ramaphosa of South Africa and Barham Salih of Iraq. READ MORE...
Adobe Patches 21 Vulnerabilities Across Seven Products
Security updates released by Adobe on Tuesday for seven of its products patch a total of 21 vulnerabilities, including 15 flaws that have been assigned a critical severity rating. Seven vulnerabilities have been addressed in Adobe After Effects for Windows and macOS. Five of them can allow arbitrary code execution and they have been rated critical, but it's worth noting that they are actually high-severity issues based on their CVSS score. READ MORE...
Spam Kingpin Peter Levashov Gets Time Served
A federal judge in Connecticut today handed down a sentence of time served to spam kingpin Peter "Severa" Levashov, a prolific purveyor of malicious and junk email, and the creator of malware strains that infected millions of Microsoft computers globally. Levashov has been in federal custody since his extradition to the United States and guilty plea in 2018, and was facing up to 12 more years in prison. Instead, he will go free under three years of supervised release and a possible fine. READ MORE...
TSA issues second cybersecurity directive for pipeline companies
The Department of Homeland Security's (DHS) Transportation Safety Administration (TSA) yesterday announced a second security directive that requires owners and operators of TSA-designated critical pipelines to implement cybersecurity measures that help protect against malicious digital incidents. This directive is a more expansive follow-up to an initial pipeline security directive issued on May 27, roughly two weeks after the highly disruptive ransomware attack against Colonial Pipeline. READ MORE...
Microsoft shares workarounds for new Windows 10 zero-day bug
Microsoft has shared workarounds for a Windows 10 zero-day vulnerability that can let attackers gain admin rights on vulnerable systems and execute arbitrary code with SYSTEM privileges. As BleepingComputer previously reported, a local elevation of privilege bug dubbed SeriousSAM found in recently released Windows versions allows users with low privileges to access sensitive Registry database files. READ MORE...
- ...in 1911, Canadian philosopher and media theorist Marshall McLuhan, whose work prefigured the arrival of the modern Internet, is born in Edmonton, Alberta.
- ...in 1951, actor and comedian Robin Williams is born in Chicago, IL.
- ...in 1969, astronaut Neil Armstrong becomes the first person to walk on Earth's Moon, followed 19 minutes later by Edwin "Buzz" Aldrin.
- ...in 2011, the Space Shuttle Atlantis (STS-135) lands at Kennedy Space Center, completing the final mission of NASA's Space Shuttle program.