IT Security Newsletter - 8/21/2023
Suspected N. Korean Hackers Target S. Korea-US Drills
Suspected North Korean hackers have attempted an attack targeting a major joint military exercise between Seoul and Washington that starts on Monday, South Korean police said. South Korea and the United States will kick off the annual Ulchi Freedom Shield drills on Monday through August 31 to counter growing threats from the nuclear-armed North. Pyongyang views such exercises as rehearsals for an invasion and has repeatedly warned it would take "overwhelming" action in response. READ MORE...
Japanese watchmaker Seiko breached by BlackCat ransomware gang
The BlackCat/ALPHV ransomware gang has added Seiko to its extortion site, claiming responsibility for a cyberattack disclosed by the Japanese firm earlier this month. Seiko is one of the world's largest and most historic watchmakers, with roughly 12,000 employees and an annual revenue that surpasses $1.6 billion. On August 10th, 2023, the company published a notice of a data breach informing that an unauthorized third-party gained access to at least a part of its IT infrastructure. READ MORE...
Tesla Discloses Data Breach Related to Whistleblower Leak
Tesla has disclosed a data breach impacting roughly 75,000 people, but the incident is the result of a whistleblower leak rather than a malicious cyberattack. Tesla told US authorities that a data breach discovered in May resulted in the exposure of the personal information, including social security numbers, of more than 75,700 individuals. A notification letter sent to impacted people reveals that the data breach is related to a couple of former employees sending confidential information. READ MORE...
Two dozen arrested, hundreds of malicious IPs taken down in African cybercrime operation
An international law enforcement operation spanning more than two dozen African countries led to 14 arrests and the takedown of hundreds of malicious IP addresses and malware hosters, Interpol said Friday. Africa Cyber Surge II - led by Interpol and supported with information from Group-IB, Trend Micro, Kaspersky and Coinbase - launched in April 2023 and focused on identifying cybercriminals and compromised infrastructure, Interpol said in a statement. READ MORE...
Patch now! Citrix Sharefile joins the list of actively exploited file sharing software
The Cybersecurity and Infrastructure Security Agency (CISA) has added a vulnerability to its catalog of know exploited vulnerabilities, based on evidence of active exploitation. This means that Federal Civilian Executive Branch (FCEB) agencies need to remediate this vulnerability by September 6, 2023 to protect their networks against this active threat. We urge everyone else to take it seriously too and preferably not to wait untill the last moment. READ MORE...
Exchange Server security updates updated
Microsoft has re-released the August 2023 Security Updates (SUs) for Exchange Server. The original release of the SUs, from August 8 2023, had a localization issue with Exchange Server running on a non-English Operating Systems (OSes) that caused Setup to stop unexpectedly, leaving Exchange services in a disabled state. Exchange Online users are already protected from the vulnerabilities addressed by these Security Updates. READ MORE...
Microsoft DNS boo-boo breaks Hotmail for users around the globe
Someone at Microsoft has some explaining to do after a messed up DNS record caused emails sent from Hotmail accounts using Microsoft's Outlook service to be rejected and directed to spam folders starting on Thursday. Late on Thursday evening, Hotmail users began reporting that some emails were being returned with errors related to Sender Policy Framework (SPF), and thus recipient email services were unable "to confirm that [a] message came from a trusted location." READ MORE...
High severity vuln in WinRAR could allow code to run when files are opened
Users of the popular WinRAR compression and archiving tool should update now to avoid a vulnerability that allows code to be run when a user opens a RAR file. WinRAR is one of the many apps available for compressing and packaging multiple files together for distribution or archiving, and is claimed as the world's most popular compression tool with over 500 million users worldwide. READ MORE...
Google announces new algorithm that makes FIDO encryption safe from quantum computers
The FIDO2 industry standard adopted five years ago provides the most secure known way to log in to websites because it doesn't rely on passwords and has the most secure form of built-in two-factor authentication. Like many existing security schemes today, though, FIDO faces an ominous if distant threat from quantum computing, which one day will cause the currently rock-solid cryptography the standard uses to completely crumble. READ MORE...
- ...in 1858, the first of the historical debates between Illinois Senate candidates Abraham Lincoln and Stephen Douglas is held in Ottawa, IL.
- ...in 1911, The Mona Lisa is stolen by an employee of the Louvre. It would not be recovered until two years later.
- ...in 1959, Hawaii becomes the 50th state.
- ...in 1966, The Beatles played at Crosley Field in Cincinnati, with a set list comprised of only 11 songs and lasting 35 minutes. Tickets were $5.