<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 8/20/2021

SHARE

Top News

Postmortem on U.S. Census Hack Exposes Cybersecurity Failures

Threat actors exploited an unpatched Citrix flaw to breach the network of the U.S. Census Bureau in January in an attack that was ultimately halted before a backdoor could be installed or sensitive data could be stolen, according to a report by a government watchdog organization. However, investigators found that officials were informed of the flaw in its servers and had at least two opportunities to fix it before the attack, mainly due to lack of coordination between teams responsible for different security tasks. READ MORE...

Software Updates

Third-Party Patches Available for More PetitPotam Attack Vectors

Slovenia-based ACROS Security this week announced the release of patches that address additional attack vectors for the PetitPotam vulnerability. Disclosed in late July, PetitPotam is a remote code execution vulnerability (CVE-2021-36942) that abuses the Encrypting File System Remote (MS-EFSRPC) protocol. An attacker exploiting the bug could get a targeted server to connect to an attacker-controlled server and perform NTLM authentication. READ MORE...

Information Security

You can post LinkedIn jobs as almost ANY employer - so can attackers

Anyone can create a job listing on the leading recruitment platform LinkedIn on behalf of just about any employer-no verification needed. And worse, the employer cannot easily take these down. The feature and lax verification on career websites pave the ways for attackers to post bogus listings for malicious purposes. The attackers can use this social engineering tactic to collect personal information and resumes from professionals who believe they are applying to a legitimate company. READ MORE...

Exploits/Vulnerabilities

InkySquid State Actor Exploiting Known IE Bugs

The InkySquid advanced persistent threat (APT) group, which researchers have linked to the North Korean government, was caught launching watering hole attacks against a South Korean newspaper using known Internet Explorer vulnerabilities. New analysis from Volexity reported its team of researchers noticed suspicious code being loaded on the Daily NK site, a news outlet focused on North Korea, starting in April. READ MORE...


Cisco: Critical Flaw in Older SMB Routers Will Remain Unpatched

Cisco this week published information on a critical code execution vulnerability affecting its small business RV110W, RV130, RV130W, and RV215W routers, but cautioned that there are no plans to release security fixes. Tracked as CVE-2021-34730 with a CVSS score of 9.8, the vulnerability exists in the Universal Plug-and-Play (UPnP) service of the affected routers and could be abused by an unauthenticated, remote attacker to execute code as root, or cause a denial of service condition. READ MORE...

On This Date

  • ...in 1833, future President Benjamin Harrison is born in North Bend, OH.
  • ...in 1882, Tchaikovsky's "1812 Overture" is first performed in Moscow.
  • ...in 1911, a dispatcher in the New York Times office sends the first telegram around the world via a commercial service.
  • ...in 1975, Viking 1, the first spacecraft to land successfully on Mars, is launched.