IT Security Newsletter - 8/19/2024
CISA, FBI Assure American Voters of Cyber-Safe Electoral Process
In a joint public service announcement, CISA and the FBI are alerting American citizens that ransomware disruptions during voting periods will not disrupt the security of vote casting or counting. In prior elections, malicious actors have tried to manipulate public opinion and undermine the electoral process by spreading or amplifying false information. However, in the past, successful ransomware attacks on elections have remained localized. READ MORE...
Are 2024 US Political Campaigns Prepared for the Coming Cyber Threats?
After a long lull, cyber threats to the 2024 US elections spiked in recent days. Are parties, campaigns, and officials prepared for the moment? In just the last week, news broke of a Telegram bot collecting compromised credentials relating to the Democratic party and its National Convention (DNC). A candidate for president falsely accused his opponent of using artificial intelligence (AI) to make herself appear more popular. READ MORE...
100,000 Impacted by Jewish Home Lifecare Data Breach
New York City-based nonprofit healthcare organization Jewish Home Lifecare has revealed that a data breach disclosed earlier this year impacts more than 100,000 individuals. Jewish Home Lifecare, which is now called The New Jewish Home and which specializes in providing healthcare services to the elderly, informed customers in February that it had discovered unusual activity on its network on January 7. READ MORE...
City of Flint Scrambling to Restore Services Following Ransomware Attack
The City of Flint, Michigan, is scrambling to restore network systems impacted by an August 14 ransomware attack that knocked some of its online services offline. The attack impacted the city's payment and communication services, but did not affect emergency services, including 911, dispatch, law enforcement, and fire operations, Flint said in an incident notice on its website, which is hosted on a separate server and was not affected. READ MORE...
Oregon Zoo Ticketing Service Hack Impacts 118,000
The Oregon Zoo is notifying roughly 118,000 individuals that their names and payment card information was stolen from its online ticketing service. The incident was identified on June 26 and resulted in names, payment card numbers, CVVs, and expiration dates being exfiltrated. According to the zoo, threat actors redirected transactions from the third-party vendor that processed online ticketing purchases for Oregon Zoo. READ MORE...
Manual techniques are fueling ransomware attacks, CrowdStrike says
Interactive intrusions, attacks involving hands-on-keyboard activities within a victim's environment, were up 55% in the last year, CrowdStrike said last week in a threat hunting report. The cybersecurity vendor's threat intelligence outfit attributed nearly 9 in 10 interactive intrusions to e-crime activity during the one year period ending June 30. Hands-on-keyboard attacks jumped 75% in the healthcare sector and 60% in the technology industry, the report found. READ MORE...
RansomHub-linked EDR-killing malware spotted in the wild
Malware that kills endpoint detection and response (EDR) software has been spotted on the scene and, given it's deploying RansomHub, it could soon be prolific. Discovered by Sophos analysts after a failed attack and dubbed EDRKillShifter, the malware leverages legitimate but vulnerable drivers on Windows machines to deliver ransomware to targets. Both variants tested by Sophos analysts make use of known vulnerable drivers with publicly available proofs of concept. READ MORE...
OpenAI bans accounts linked to 'covert Iranian influence operation'
OpenAI identified and banned a cluster of accounts this week that the company said Friday were part of a "covert Iranian influence operation" that generated content related to a variety of issues, including the U.S. presidential elections. The news comes less than a week after former President Donald Trump's campaign said that it had been compromised by a cyber operation that Microsoft linked to Iran's Islamic Revolutionary Guard Corps (IRGC). READ MORE...
Are you blocking "keyboard walk" passwords in your Active Directory?
IT admins usually know what to watch out for when end users are creating weak, easy-to-guess passwords. However, a common yet overlooked type of weak password are keyboard walk patterns. A keyboard walk password typically refers to a password created by moving sequentially over the keyboard keys in a pattern that resembles walking. These are passwords formed by keys that are next to each other on the keyboard, such as 'qwerty' or 'asdfgh'. READ MORE...
- ...in 1871, engineer and aviation pioneer Orville Wright, co-inventor of the first successful motorized airplane, is born in Dayton, OH.
- ...in 1906, early TV pioneer Philo Farnsworth, inventor of the first electronic television system, is born in Beaver, UT.
- ...in 1960, Chubby Checker performs "The Twist" on Dick Clark's weekly variety show, inspiring a worldwide dance craze.
- ...in 2004, Google Inc. holds its initial public offering of stock on NASDAQ at $85 per share.