<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 7/7/2021

SHARE

Top News

Kaseya Patches Imminent After Zero-Day Exploits, 1,500 Impacted

The worldwide July 2 attacks on the Kaseya Virtual System/Server Administrator (VSA) platform by the REvil ransomware gang turn out to be the result of exploits for at least one zero-day security vulnerability, and the company is swinging into full mitigation mode, with patches for the on-premise version coming soon, likely Wednesday or Thursday, it said. The VSA software is used by Kaseya customers to remotely monitor and manage software and network infrastructure. READ MORE...


Russian hackers breached a GOP contractor

A state-sponsored Russian hacking group infiltrated the computer systems of a Republican National Committee (RNC) contractor over the weekend. Bloomberg originally revealed that the RNC suffered a breach at the hands of prolific hackers APT29, aka Cozy Bear, who are believed to be behind a spate of high-profile cyberattacks on the US and its allies. However, GOP officials were quick to refute that report, interjecting that the actual victim was a third-party IT services provider known as Synnex. READ MORE...

Software Updates

Kaspersky Password Manager generates passwords that can be 'cracked in seconds'

Kaspersky Password Manager (KPM) is embedded with several problems that mean the passwords it generates can be cracked "in seconds". Like many password managers, KPM securely stores passwords and documents in an encrypted vault that's protected with a master password. Kaspersky has assigned this vulnerability the tag CVE-2020-27020, and has published a security advisory regarding this flaw. The issue has now been patched, but several versions of KPM are affected. READ MORE...


PrintNightmare official patch is out - update now!

Here's the good news: Microsoft has released an emergency patch for the infamous PrintNightmare bug that showed up just over a week ago. The patch is what Redmond refers to as an OOB Security Update, where OOB is short for out-of-band. OOB is a jargon term that refers to communications that are kept separate from the usual channel you use, notably for safety reasons in case the main channel should fail or need overriding in an emergency. READ MORE...

Malware

Rural Alabama Electric Cooperative Hit by Ransomware Attack

A utility that provides power in rural southeastern Alabama was hit by a ransomware attack that meant customers temporarily can't access their account information, but an executive said Tuesday that systems were beginning to be brought back online. Wiregrass Electric Cooperative, which serves about 25,000 members, did not pay a ransom and didn't have any data compromised in the attack, chief operating officer Brad Kimbro said. Electrical service wasn't interrupted. READ MORE...


Tens of thousands scammed using fake Android cryptomining apps

Scammers tricked at least 93,000 people into buying fake Android cryptocurrency mining applications, as revealed by researchers from California-based cybersecurity firm Lookout. The 172 paid Android applications, tracked as two separate families dubbed BitScam (83,800 installs) and CloudScam (9,600 installs), were advertised by the cybercriminals to victims as providing cloud cryptocurrency mining services. READ MORE...

On This Date

  • ...in 1928, sliced bread is sold for the first time by the Chillicothe Baking Company of Chillicothe, MO.
  • ...in 1940, former Beatle and actor Ringo Starr (born Richard Starkey) is born in Liverpool, England.
  • ...in 1954, Elvis Presley makes his radio debut on WHBQ Memphis when they play his first Sun Records single, "That's All Right".
  • ...in 1981, President Ronald Reagan nominates Sandra Day O'Connor to be the first female member of the U.S. Supreme Court.