IT Security Newsletter

IT Security Newsletter - 8/17/2022

Written by Cadre | Wed, Aug 17, 2022

Microsoft Disrupts Russian Group's Multiyear Cyber-Espionage Campaign

Microsoft's Threat Intelligence Center (MSTIC) has taken steps to disrupt the operations of "Seaborgium," a Russia-based threat actor that has been involved in persistent spear-phishing and credential-theft campaigns aimed at organizations and individuals in NATO countries since at least 2017. The threat actor's primary motivation appears to be cyber espionage. READ MORE...

Krebs on Security: When Efforts to Contain a Data Breach Backfire

Earlier this month, the administrator of the cybercrime forum Breached received a cease-and-desist letter from a cybersecurity firm. The missive alleged that an auction on the site for data stolen from 10 million customers of Mexico's second-largest bank was fake news and harming the bank's reputation. The administrator responded to this empty threat by purchasing the stolen banking data and leaking it on the forum for everyone to download. READ MORE...

Google fixes fifth Chrome zero-day bug exploited this year

Google has released a security update for the Chrome browser that addresses close to a dozen vulnerabilities, including a zero-day flaw that is being exploited in the wild. The security update is currently rolling out for Windows, Mac and Linux. Users who have automatic updates turned on should receive it in the coming days/weeks. Google doesn't typically provide many technical details about the zero-day vulnerabilities they fix until a large number of Chrome users have applied the security update. READ MORE...

Quarterly Security Patches Released for Splunk Enterprise

Splunk this week announced the release of a new set of quarterly patches, to address multiple vulnerabilities in Splunk Enterprise. The most important of the bugs is a high-severity TLS certificate validation issue in the Ingest Actions user interface. "When using Ingest Actions to configure a destination that resides on Amazon Simple Storage Service (S3) in Splunk Web, TLS certificate validation is not correctly performed and tested for the destination," Splunk explains in its advisory. READ MORE...

Security Firms Find Over 20 Malicious PyPI Packages Designed for Data Theft

Security companies have identified more than 20 malicious PyPI packages designed to steal passwords and other sensitive information from the victims' machines. Kaspersky is warning of two such packages - 'ultrarequests' and 'pyquest' - that were masquerading as 'requests', a highly popular open source package. The malicious repositories copied the description from the legitimate package and contained fake statistics. READ MORE...

Mozilla finds 18 of 25 popular reproductive health apps leak data

It's official: your period and/or pregnancy tracker will probably share your data with law enforcement. And they might even do it on purpose. Eighteen of 25 reproductive health apps and wearable devices reviewed by Mozilla received a *Privacy Not Included warning label - meaning they have problems when it comes to protecting users' privacy and security. READ MORE...

Exploit out for critical Realtek flaw affecting many networking devices

Exploit code has been released for a critical vulnerability affecting networking devices with Realtek's RTL819x system on a chip (SoC), which are estimated to be in the millions. The flaw is identified as CVE-2022-27255 and a remote attacker could exploit it to compromise vulnerable devices from various original equipment manufacturers (OEMs), ranging from routers and access points to signal repeaters. READ MORE...

Windows Vulnerability Could Crack DC Server Credentials Open

Researchers have discovered a vulnerability in the remote procedure calls (RPC) for the Windows Server service, which could allow an attacker to gain control over the domain controller (DC) in a specific network configuration and execute remote code. Malicious actors could also exploit the vulnerability to modify a server's certificate mapping to perform server spoofing. READ MORE...

  • ...in 1827, American folk hero and politician Davy Crockett is born in Greene County, TN.
  • ...in 1943, actor Robert De Niro ("Taxi Driver", "Godfather Part II") is born in New York City.
  • ...in 1945, George Orwell's satirical novella "Animal Farm" is published in the UK.
  • ...in 2008, American swimmer Michael Phelps wins a world-record eight gold medals in a single Olympic Games.