<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 7/25/2022

SHARE

Breaches

Digital security giant Entrust breached by ransomware gang

Digital security giant Entrust has confirmed that it suffered a cyberattack where threat actors breached their network and stole data from internal systems. Entrust is a security firm focused on online trust and identity management, offering a wide range of services, including encrypted communications, secure digital payments, and ID issuance solutions. READ MORE...


T-Mobile Settles to Pay $350M to Customers in Data Breach

T- Mobile has agreed to pay $350 million to customers affected by a class action lawsuit filed after the company disclosed last August that personal data like social security numbers had been stolen in a cyberattack. In a Securities and Exchange Commission filing on Friday, the mobile phone company said the funds would pay for claims by class members, the legal fees of plaintiffs' counsel and the costs of administering the settlement. READ MORE...

Hacking

North Korean hackers attack EU targets with Konni RAT malware

Threat analysts have uncovered a new campaign attributed to APT37, a North Korean group of hackers, targeting high-value organizations in the Czech Republic, Poland, and other European countries. In this campaign, the hackers use malware known as Konni, a remote access trojan (RAT) capable of establishing persistence and performing privilege escalation on the host. READ MORE...

Software Updates

Microsoft warns that new Windows updates may break printing

Microsoft warned that starting with this week's optional preview updates, temporary mitigation provided one year ago to address Windows Server printing issues on non-compliant devices will be removed, potentially breaking printing. As Redmond explained last year, a known issue might cause print and scan failures on multiple Windows Server versions after installing the July 2021 security updates on Windows domain controllers (DCs). READ MORE...


SonicWall Warns of Critical GMS SQL Injection Vulnerability

Network security appliance vendor SonicWall late Thursday shipped urgent patches for a critical flaw in its Global Management System (GMS) software, warning that the issue exposes businesses to remote hacker attacks. The vulnerability, which carries a critical-severity rating of CVSS 9.4, provides a pathway for a remote attacker to execute arbitrary SQL queries in the database, according to SonicWall's documentation of the issue. READ MORE...

Exploits/Vulnerabilities

Atlassian urges rapid response after Confluence hardcoded password leaked

Threat actors are likely exploiting a critical vulnerability that surfaced in a pair of Confluence support apps after a hardcoded default password was leaked, Atlassian warned customers in an advisory update on Thursday. The culprit, a default password for admin control on Atlassian's Questions for Confluence app, allows attackers to gain access to unpatched servers. READ MORE...


1,000 Organizations Exposed to Remote Attacks by FileWave MDM Vulnerabilities

Vulnerabilities affecting a mobile device management (MDM) product from FileWave exposed many organizations to remote attacks, according to industrial cybersecurity firm Claroty. Claroty researchers discovered recently that the FileWave MDM product is affected by two critical security holes: an authentication bypass issue (CVE-2022-34907) and a hardcoded cryptographic key (CVE-2022-34906). The vendor quickly patched the flaws. READ MORE...

On This Date

  • ...in 1837, the first commercial use of an electric telegraph is demonstrated in London.
  • ...in 1954, Chicago Bears running back and nine-time Pro Bowl selectee Walter Payton is born in Columbia, MS.
  • ...in 1965, Bob Dylan "goes electric" with amplified instruments at the Newport Folk Festival, sparking controversy in the folk movement.
  • ...in 1976, the Viking 1 space probe takes a photograph of a natural Martian surface feature, popularly known as "The Face on Mars."