IT Security Newsletter - 7/29/2020

Top News

North Korea's Lazarus brings state-sponsored hacking approach to ransomware

Lazarus (the North Korean state hacking group behind the WannaCry worm, the theft of $81 million from a Bangladesh bank, and the attacks on Sony Pictures) is looking to expand into the ransomware craze, according to researchers from Kaspersky Lab. Like many of Lazarus' early entries, the VHD ransomware is crude. It took the malware 10 hours to fully infect one target's network. It also uses some unorthodox cryptographic practices that aren't "semantically secure," because patterns of the original files remain after they're encrypted.


Vatican Allegedly Hacked by China Ahead of Key Talks

The Vatican and the Catholic Diocese of Hong Kong have been the targets of alleged Chinese state-backed hackers ahead of talks on renewal of a landmark 2018 deal that helped thaw diplomatic relations between the Vatican and China, according to a monitoring group. The alleged attacks by a group called RedDelta began in May with an eye on September talks to renew a provisional agreement on bishop appointments, according to a report Tuesday by the U.S.-based Recorded Future, which tracks state-backed cyber attacks.

Breaches

Business giant Dussmann Group's data leaked after ransomware attack

The Nefilim ransomware operation has begun to publish unencrypted files stolen from a Dussmann Group subsidiary during a recent attack. The Dussmann Group is the largest multi-service provider in Germany with subsidiaries focusing on facility management, corporate childcare, nursing and care for the elderly, and business systems solutions, including HVAC, electrical work, and elevators.

Hacking

FBI warns of disruptive DDoS amplification attacks

The Federal Bureau of Investigation (FBI) has issued an alert warning private sector organizations in the United States about a ramp-up in the use of built-in network protocols for large-scale distributed denial-of-service (DDoS) amplification attacks. "A DDoS amplification attack occurs when an attacker sends a small number of requests to a server and the server responds with more numerous responses to the victim," wrote the FBI.

Malware

Emotet malware now steals your email attachments to attack contacts

The Emotet malware botnet is now also using stolen attachments to increase the authenticity of spam emails used for infecting targets' systems. This is the first time the botnet is using stolen attachments to add credibility to emails, as Binary Defense threat researcher James Quinn told BleepingComputer. The attachment stealer module code was added around June 13th, according to Marcus 'MalwareTech' Hutchins.

Exploits/Vulnerabilities

New VPN flaws highlight proven pathway for hackers into industrial organizations

Sometime in the second half of 2019, suspected Iranian hackers started burrowing into the network of an unnamed organization in the Middle East. What likely began, according to investigators, as a breach of a virtual private network application led to a compromise of the organization's administrative network accounts. It culminated in a data-wiping attack on Dec. 29 that hit most of the machines on the organization's IT network.


OkCupid Security Flaw Threatens Intimate Dater Details

Researchers have discovered a slew of issues in the popular OkCupid dating app, which could have allowed attackers to collect users' sensitive dating information, manipulate their profile data or even send messages from their profile. OkCupid is one of the most popular dating platforms worldwide, with more than 50 million registered users, mostly aged between 25 and 34. Researchers found flaws in both the Android mobile application and webpage of the service.


Thousands of websites at risk from critical WordPress plugin vulnerability

A critical vulnerability in a third-party plugin installed on over 70,000 websites running WordPress could allow hackers to execute malicious code remotely. The vulnerability, discovered by security researchers at Wordfence, hides in a vulnerable version of the wpDiscuz commenting plugin and enables hackers to upload arbitrary files to targeted websites, including executable PHP files.

On This Date

  • ...in 1588, the Spanish Armada is defeated off the coast of Gravelines, France by British naval forces.
  • ...in 1909, the Buick Motor Company acquires the Cadillac Motor Company on behalf of General Motors for $4.5 million.
  • ...in 1945, Japanese warships sink the American cruiser Indianapolis, killing 883 seamen in the worst loss in the history of the U.S. Navy.
  • ...in 1958, the US space agency NASA (National Aeronautics and Space Administration) is created as the successor to the National Advisory Committee for Aeronautics (NACA).