<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter

Get the latest headlines, summaries, and security news!

IT Security Newsletter - 7/30/2020

Breaches

Vermont Tax Department exposed 3 years worth of tax return info

The Vermont Department of Taxes today disclosed that taxpayers' private information was exposed because of a security issue affecting its online filing site discovered on July 2, 2020. The data breach affected all Vermonters who electronically filed Property Transfer Tax returns using the tax department's site between February 2017 and July 2020. According to Vermont's Department of Taxes, once it was alerted of the security vulnerability, it immediately disabled access for unauthorized third parties. READ MORE...

Hacking

Kaspersky Uncovers New APT "Mercenary" Group

Security researchers at Kaspersky have uncovered a new cyber-mercenary group that they claim has been providing hacking services for hire for almost a decade. Dubbed "Deceptikons," the APT group isn't particularly sophisticated from a technical perspective and isn't known to have deployed any zero-day threats during that time, the Russian AV vendor said in a Q2 round-up report. READ MORE...


'Ghostwriter' - Widespread Disinformation Campaign Associated with Russia

FireEye security researchers have linked a series of disinformation operations that have been ongoing since at least March 2017. Referred to as Ghostwriter, the influence campaign mainly targeted audiences in Lithuania, Latvia, and Poland with themes referencing the North Atlantic Treaty Organization (NATO) presence in Eastern Europe, often using compromised websites or spoofed email accounts to distribute the fake content. READ MORE...

Malware

FBI Warns of NetWalker Ransomware Targeting Businesses

The Federal Bureau of Investigation this week released an alert to warn businesses of ongoing cyberattacks involving the NetWalker ransomware. NetWalker, also known as Mailto, has become a widely known threat following a series of high-profile attacks in March 2020, such as those targeting a transportation and logistics company in Australia, and a public health organization in the United States. READ MORE...

Information Security

The IRS asks tax professionals to enable multi-factor authentication

The U.S. Internal Revenue Service is asking tax professionals to enable additional forms of authentication in software that provides the option as an improved defense against hacker takeover attempts. The agency specifically refers to multi-factor authentication (MFA), which requires at least two supplementary data points besides the username/password combination to check the identity of a user. READ MORE...

Exploits/Vulnerabilities

Zoom bug allowed attackers to crack private meeting passwords

A lack of rate limiting on repeated password attempts allowed potential attackers to crack the numeric passcode used to secure Zoom private meetings as discovered by Tom Anthony, VP Product at SearchPilot. "Zoom meetings are (were) default protected by a 6 digit numeric password, meaning 1 million maximum passwords," as Anthony discovered. The vulnerability he spotted in the Zoom web client allowed attackers to guess any meeting's password by trying all possible combinations until finding the correct one. READ MORE...


Bug in widely used bootloader opens Windows, Linux devices to persistent compromise

A vulnerability (CVE-2020-10713) in the widely used GRUB2 bootloader opens most Linux and Windows systems in use today to persistent compromise, Eclypsium researchers have found. The list of affected systems includes servers and workstations, laptops and desktops, and possibly a large number of Linux-based OT and IoT systems. What's more, the discovery of this vulnerability has spurred a larger effort to audit the GRUB2 code for flaws. READ MORE...


Critical Magento Flaws Allow Code Execution

Critical flaws in Adobe's Magento e-commerce platform - which is commonly targeted by attackers like the Magecart cybergang - could enable arbitrary code execution on affected systems. Magento is a popular, Adobe-owned open-source e-commerce platform that powers many online shops. Adobe on Tuesday released security updates for flaws affecting Magento Commerce 2 and Magento Open Source 2, versions 2.3.5-p1 and earlier. These included two critical vulnerabilities and two important-severity flaws. READ MORE...


Critical Bugs in Utilities VPNs Could Cause Physical Damage

Remote code-execution vulnerabilities in virtual private network (VPN) products could impact the physical functioning of critical infrastructure in the oil and gas, water and electric utilities space, according to researchers. Researchers at Claroty found that VPNs used to provide remote access to operational technology (OT) networks in industrial systems are vulnerable to an array of security bugs, which could give an attacker direct access to field devices and cause physical damage or shut-downs. READ MORE...

On This Date

  • ...in 1932, Walt Disney releases his first cartoon in color -- "Flowers and Trees".
  • ...in 1956, President Eisenhower signs "In God We Trust" into law as the nation's official motto.
  • ...in 1961, actor Laurence Fishburne ("The Matrix", "Apocalypse Now") is born in Augusta, GA.
  • ...in 1974, President Nixon releases subpoenaed White House recordings after being ordered to do so by the Supreme Court of the United States.