IT Security Newsletter

IT Security Newsletter - 7/7/2023

Written by Cadre | Fri, Jul 7, 2023

MOVEit Transfer customers warned to patch new critical flaw

MOVEit Transfer, the software at the center of the recent massive spree of Clop ransomware breaches, has received an update that fixes a critical-severity SQL injection bug and two other less severe vulnerabilities. SQL injection vulnerabilities allow attackers to craft special queries to gain access to a database or tamper with it by executing code. For these attacks to be possible, the target application must suffer from a lack of appropriate input/output data sanitization.

Shell Confirms MOVEit-Related Breach After Ransomware Group Leaks Data

Energy giant Shell has confirmed that personal information belonging to employees has been compromised as a result of the recent MOVEit Transfer hack. The Cl0p ransomware group exploited a zero-day vulnerability in the MOVEit managed file transfer (MFT) product to steal data from at least 130 organizations that had been using the solution. To date, at least 15 million individuals are believed to be impacted.

28,000 Impacted by Data Breach at Pepsi Bottling Ventures

More than 28,000 individuals were impacted by a data breach at independent bottling company Pepsi Bottling Ventures. Discovered on January 10, the data breach occurred between December 23, 2022, and January 19, 2023, and resulted in the personal, financial, and health information of the company's employees being accessed by an unauthorized party. On February 10, Pepsi Bottling Ventures started informing the impacted individuals that the attackers gained access to certain systems.

Nickelodeon probes claims of massive data leak as SpongeBob fans rejoice

Nickelodeon says it is probing claims that "decades old" material was stolen from it and leaked online. This follows reports on social media that someone had dumped 500GB of snatched animation files. Hilarity, and many SpongeBob SquarePants memes, ensued. "We are aware of social media posts that alleged production-related files were made available without authorization and we are investigating," a Nickelodeon spokesperson told The Register.

Google Searches for 'USPS Package Tracking' Lead to Banking Theft

Threat actors are impersonating the United States Post Office (USPS) in a legitimate-looking malvertising campaign that diverts victims to a phishing site to steal payment-card and banking credentials, researchers have found. A malicious ad appears on Google searches for both mobile and desktop users looking to track packages via the USPS website, Jérôme Segura, director of threat intelligence at Malwarebytes Labs, revealed in a blog post published July 5.

Mastodon fixes critical "TootRoot" vulnerability allowing node hijacking

The maintainers of the open source software that powers the Mastodon social network published a security update on Thursday that patches a critical vulnerability making it possible for hackers to backdoor the servers that push content to individual users. Mastodon is based on a federated model. The federation comprises thousands of separate servers known as "instances." Individual users create an account with one of the instances, which in turn exchange content to and from users of other instances.

July 2023 Patch Tuesday forecast: A month of instability and uncertainty

We're halfway through 2023 already and moving into our seventh Patch Tuesday of the year next week. There's been a lot of activity with Microsoft this month which may impact updates we'll see. But first taking a quick look back at June, we had a fairly standard set of releases with 32 CVEs fixed in Windows 11 and 36 fixed in Windows 10. Although I call out the desktops for simplicity, always keep in mind these updates apply to the applicable server versions as well.

Botnets Send Exploits Within Days to Weeks After Published PoC

Attackers quickly turn around real-world attacks using proof-of-concept code, taking only days to weeks to create workable exploits from published research, according to six months of data collected by researchers at Trustwave. During the experiment, Trustwave deployed honeypots that mimicked five common enterprise appliances, finding that attackers began exploiting one vulnerability within six days of the release of proof-of-concept (PoC) code and another within 17 days.

Two Apps Hosted on Google Play Caught Sending User Data to Chinese Servers

Two file management applications hosted on Google Play, with more than 1.5 million combined downloads, were caught sending user data to servers in China, mobile security firm Pradeo reports. Published to Google Play by the same developer, the two applications, 'File Recovery and Data Recovery' and 'File Manager', were seen launching without user interaction and silently exfiltrating a trove of sensitive user information.

Warning issued over vulnerability in cardiac devices

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a vulnerability that could result in remote code execution or a denial-of-service (DoS) condition impacting a healthcare delivery organization's Paceart Optima system. Paceart Optima is a software application that runs on a healthcare delivery organization's Windows server. The application collects, stores, and can be used to retrieve cardiac device data from programs and remote monitoring systems.

  • ...in 1928, sliced bread is sold for the first time by the Chillicothe Baking Company of Chillicothe, MO.
  • ...in 1940, former Beatle and actor Ringo Starr (born Richard Starkey) is born in Liverpool, England.
  • ...in 1954, Elvis Presley makes his radio debut on WHBQ Memphis when they play his first Sun Records single, "That's All Right".
  • ...in 1981, President Ronald Reagan nominates Sandra Day O'Connor to be the first female member of the U.S. Supreme Court.