<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 7/7/2022

SHARE

Top News

FBI, CISA, Treasury: North Korean hackers taking aim at health care with Maui ransomware

Three federal agencies said Wednesday that North Korean hackers have been attacking the health care sector with ransomware, and cautioned victims that paying up could run afoul of U.S. sanctions rules. The FBI, the Department of Homeland Security's Cybersecurity an Infrastructure Security Agency and the Treasury Department said in an alert that the hackers were using a kind of ransomware dubbed "Maui" to go after health care and public health organizations. READ MORE...

Breaches

Cloud Misconfig Exposes 3TB of Sensitive Airport Data in Amazon S3 Bucket: 'Lives at Stake'

A misconfigured Amazon S3 bucket resulted in 3TB of airport data (more than 1.5 million files) being publicly accessible, open, and without an authentication requirement for access, highlighting the dangers of unsecured cloud infrastructure within the travel sector. The exposed information, uncovered by Skyhigh Security, includes employee personal identification information (PII) and other sensitive company data affecting at least four airports in Colombia and Peru. READ MORE...

Hacking

Russian information operations focus on dividing Western coalition supporting Ukraine

Russian intelligence has been using state-controlled media and other disinformation channels to disseminate propaganda designed to divide the Western coalition supporting Ukraine, according to a report the cybersecurity firm Recorded Future released Thursday. Much of the open-source propaganda Recorded Future found closely aligns with what the firm refers to as an "unverified analytical note" from the Fifth Service of Russia's Federal Security Service (FSB). READ MORE...

Malware

IT services giant SHI hit by "professional malware attack"

SHI International, a New Jersey-based provider of Information Technology (IT) products and services, has confirmed that a malware attack hit its network over the weekend. SHI claims to be one of North America's largest IT solutions providers, with $12.3 billion in revenue in 2021 and 5,000 employees around the world in operations centers in the U.S., the United Kingdom, and the Netherlands. READ MORE...


Hive ransomware group migrates code to Rust, accelerating data encryption

The group behind Hive ransomware completed a full code migration and overhaul to use a more complex encryption method for its ransomware as a service payload, researchers from Microsoft Threat Intelligence Center found. Microsoft describes Hive, which was first observed in June 2021, as one of the most prevalent ransomware payloads and one of the fastest evolving ransomware families. READ MORE...

Exploits/Vulnerabilities

Typo-squatting NPM software supply chain attack uncovered

Researchers at ReversingLabs have uncovered evidence of a widespread software supply chain attack through malicious JavaScript packages picked up via NPM. NPM was acquired by Microsoft-owned GitHub in 2020 and has suffered from the odd issue or two over the years (from authorization problems in 2021 to credential problems this year). The latest problem stems from typo-squatting, where an attacker offers up malicious packages with names similar to (or easy misspellings of) real packages. READ MORE...


Hack Allows Drone Takeover Via 'ExpressLRS' Protocol

The popular protocol for radio controlled (RC) aircraft called ExpressLRS can be hacked in only a few steps, according to a bulletin published last week. ExpressLRS is an open-source long range radio link for RC applications, such as first-person view (FPV) drones. "Designed to be the best FPV Racing link," wrote its authors on Github. According to the report the hack utilizes "a highly optimized over-the-air packet structure, giving simultaneous range and latency advantages." READ MORE...

Encryption

Inside NIST's 4 Crypto Algorithms for a Post-Quantum World

The National Institute of Standards and Technology has selected four candidates to form the basis of future data-protection technologies to resist attack by quantum computers, the US science agency said on July 5. NIST has also advanced four other candidates for additional scrutiny and has called for more proposals for digital signature algorithms by the end of summer. READ MORE...


OpenSSL fixes two "one-liner" crypto bugs - what you need to know

Just over a week ago, the newswires were abuzz with news of a potentially serious bug in the widely-used cryptographic library OpenSSL. Some headlines went as far as describing the bug as a possibly "worse-than-Heartbleed flaw", which was dramatic language indeed. Heartbleed, as you may remember, was a high-profile data leakage bug that lurked unnoticed in OpenSSL for several years before being outed in a flurry of publicity back in 2014: READ MORE...

On This Date

  • ...in 1928, sliced bread is sold for the first time by the Chillicothe Baking Company of Chillicothe, MO.
  • ...in 1940, former Beatle and actor Ringo Starr (born Richard Starkey) is born in Liverpool, England.
  • ...in 1954, Elvis Presley makes his radio debut on WHBQ Memphis when they play his first Sun Records single, "That's All Right".
  • ...in 1981, President Ronald Reagan nominates Sandra Day O'Connor to be the first female member of the U.S. Supreme Court.