<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 7/22/2020

SHARE

Top News

DOJ: Chinese hackers stole "hundreds of millions of dollars" of secrets

Two state-sponsored hackers in China targeted US businesses in a "sophisticated and prolific threat" for more than 10 years, both for financial gain and to steal trade secrets, the Department of Justice said today. The 11-count indictment (PDF), which was made public today, alleges Li Xiaoyu and Dong Jiazhi worked with China's Ministry of State Security (MSS) and other agencies to hack into hundreds of organizations and individuals in the United States and abroad. READ MORE...

Breaches

Twilio: Someone broke into our unsecured AWS S3 silo, added 'non-malicious' code to our JavaScript SDK

Twilio today confirmed one or more miscreants sneaked into its unsecured cloud storage systems and modified a copy of the JavaScript SDK used by its customers. The cloud communications giant detailed the intrusion to The Register after we were tipped off to the security blunder by a source who wished to remain anonymous. "Twilio believes the security of our customers' accounts is of paramount importance," a spokesperson told us. READ MORE...

Hacking

Coinbase stopped scammers from stealing an extra $280,000 during Twitter hack

Maybe Coinbase should send Twitter an invoice, because it certainly sounds like their quick thinking helped prevent last week's hack from leaving a lot more Twitter users with empty wallets. As we reported at the time, cybercriminals successfully managed to seize control of a number of high profile Twitter accounts last week, using them to tweet out messages designed to trick unsuspecting followers into handing over their Bitcoins. READ MORE...

Trends

Chris Vickery: AI Will Drive Tomorrow's Data Breaches

From malicious hacks to accidental misconfigurations, Chris Vickery has seen it all. But as cybercriminals continue to innovate, Vickery, the director of risk research with UpGuard, said one emerging security threat will "blindside" the world: "fakeable" voices. More bad actors using artificial intelligence (AI) will create copycat voices of a trusted family member or executive, he said - and they then call individuals - and even enterprises - and scam them out of money or valuable data. READ MORE...

Software Updates

Adobe out-of-band security updates for Photoshop, Prelude, Bridge

A week after July 2020 Patch Tuesday, Adobe has released out-of-band security updates to fix thirteen vulnerabilities - twelve of which critical - in Adobe Photoshop, Bridge, Prelude, and Reader Mobile. The good news is that none of these vulnerabilities are currently being exploited in the wild, and that most of them are in products that have historically not been a target for attackers. READ MORE...

Malware

Argentine telecom company hit by major ransomware attack

Telecom Argentina, one of the country's largest Internet Service Providers (ISPs), has suffered a major ransomware attack, according to a local report. The cybercriminals behind the attack demanded US$7.5 million in Monero cryptocurrency to unlock the encrypted files, but the company claims that it has restored access to its systems and that it hasn't caved in to the extortionists' demands. READ MORE...

Exploits/Vulnerabilities

Vulnerability Allows Remote Hacking of Devices Running Citrix Workspace App

Citrix informed customers this week that it has patched a vulnerability in its Workspace app that can allow an attacker to remotely hack the computer running the affected application. The security hole, tracked as CVE-2020-8207 and classified as high severity, affects the automatic update service used by the Citrix Workspace app for Windows, and it can be exploited by a local attacker to escalate privileges or by a remote attacker for arbitrary command execution. READ MORE...

On This Date

  • ...in 1894, the first motor race is held in France between the cities of Paris and Rouen. The winning vehicle's average speed: 11 mph.
  • ...in 1933, American aviator Wiley Post returns to Floyd Bennett Field in New York, having flown solo around the world in 7 days, 18 hours, and 49 minutes.
  • ...in 1940, "Jeopardy!" host and TV producer Alex Trebek is born in Ontario, Canada.
  • ...in 1990, American cyclist Greg LeMond wins his second consecutive Tour de France, and his third overall.