IT Security Newsletter

IT Security Newsletter - 8/20/2024

Written by Cadre | Tue, Aug 20, 2024

National Public Data Published Its Own Passwords

New details are emerging about a breach at National Public Data (NPD), a consumer data broker that recently spilled hundreds of millions of Americans' Social Security Numbers, addresses, and phone numbers online. KrebsOnSecurity has learned that another NPD data broker which shares access to the same consumer records inadvertently published the passwords to its back-end database in a file that was freely available from its homepage until today. READ MORE...

Windows 0-day was exploited by North Korea to install advanced rootkit

A Windows zero-day vulnerability recently patched by Microsoft was exploited by hackers working on behalf of the North Korean government so they could install custom malware that's exceptionally stealthy and advanced, researchers reported Monday. The vulnerability, tracked as CVE-2024-38193, was one of six zero-days (meaning vulnerabilities known or actively exploited before the vendor has a patch) fixed in Microsoft's monthly update release last Tuesday. READ MORE...

Carespring Data Breach Exposes Personal and Medical Information of Nearly 77,000 Patients

Ohio nursing home Carespring Healthcare Management is notifying approximately 77,000 individuals that their personal and medical information was compromised in a data breach that dates back to October 2023. The incident was discovered on October 28, 2023, but the investigation into whether data was exfiltrated from the nursing home's network took roughly nine months. Last week, Carespring started sending written notification letters to the potentially affected individuals. READ MORE...

Toyota confirms breach after stolen data leaks on hacking forum

Toyota confirmed that its network was breached after a threat actor leaked an archive of 240GB of data stolen from the company's systems on a hacking forum. "We are aware of the situation. The issue is limited in scope and is not a system wide issue," Toyota told BleepingComputer when asked to validate the threat actor's claims. The company added that it's "engaged with those who are impacted and will provide assistance if needed." READ MORE...

Ransomware Victims Paid $460 Million in First Half of 2024

Ransomware payments and stolen cryptocurrency have increased in the first half of 2024, according to blockchain analysis firm Chainalysis. Chainalysis found that while illegal on-chain activity has dropped by nearly 20% year-to-date, ransomware payments have increased by 2%, from $449.1 million in the first half of 2023 to $459.8 million in the first half of 2024. In addition, the amount of cryptocurrency stolen this year has increased to $1.58 billion, up from $857 million last year. READ MORE...

CISA warns of Jenkins RCE bug exploited in ransomware attacks

CISA has added a critical Jenkins vulnerability that can be exploited to gain remote code execution to its catalog of security bugs, warning that it's actively exploited in attacks. Jenkins is a widely used open-source automation server that helps developers automate the process of building, testing, and deploying software through continuous integration (CI) and continuous delivery (CD). READ MORE...

Microsoft mandates MFA for all Azure users

Microsoft will require multifactor authentication for all customers to sign in to the Azure portal, the Microsoft Entra admin center and the Intune admin center starting in October, the company said in a Thursday blog post. The company began to send 60-day notices to all Entra administrators impacted by the change on Thursday. Microsoft said it will review requests from customers with complex environments or technical barriers for additional time to implement mandatory MFA. READ MORE...

Digital wallets can allow purchases with stolen credit cards

Digital wallets like Apple Pay, Google Pay, and PayPal can be used to conduct transactions using stolen and cancelled payment cards, according to academic security researchers. These flaws - some of which have been addressed since responsible disclosure last year - allow an attacker armed with limited personal information to add an active stolen payment card number to a digital wallet and make purchases, even if the card is subsequently canceled and replaced. READ MORE...

Multiple flaws in Microsoft macOS apps unpatched despite potential risks

Cisco Talos says eight vulnerabilities in Microsoft's macOS apps could be abused by nefarious types to record video and sound from a user's device, access sensitive data, log user input, and escalate privileges. The vulnerabilities exist across Excel, OneNote, Outlook, PowerPoint, Teams, and Word, but Microsoft told Talos it won't be fixing them. Apple's security model is permission-based and relies on the transparency, consent, and control (TCC) framework. READ MORE...

Every Google Pixel Phone Has a Verizon App that Doubles As a Backdoor

A defunct yet unremovable application embedded in the firmware of all Google Pixel phones can function as a perfect malicious backdoor. "Showcase.apk" was designed by Pittsburgh-based Smith Micro, specifically for Pixel devices on display at Verizon stores. Somehow, some way, it ended up pre-installed in every Pixel phone shipped since at least September 2017 - millions around the globe, across every model besides the very first, even in those not serviced by Verizon. READ MORE...

  • ...in 1833, future President Benjamin Harrison is born in North Bend, OH.
  • ...in 1882, Tchaikovsky's "1812 Overture" is first performed in Moscow.
  • ...in 1911, a dispatcher in the New York Times office sends the first telegram around the world via a commercial service.
  • ...in 1975, Viking 1, the first spacecraft to land successfully on Mars, is launched.