
IT Security Newsletter - 8/22/2019


Breaches

Massive MoviePass database found exposed on public server

Last year, MoviePass CEO Mitch Lowe gloated about how the company was using subscribers’ data… or, rather, how MoviePass could use that data, as a company spokesman hastened to point out in the uproar that followed Lowe’s remarks at an Entertainment Finance Forum session titled, appropriately enough, “Data is the New Oil: How Will MoviePass Monetize It?”

Hacking

Hackers Want $2.5 Million Ransom for Texas Ransomware Attacks

The threat actor that hit multiple Texas local governments with file-encrypting malware last week may have done it by compromising a managed service provider. The attacker demanded a collective ransom of $2.5 million, the mayor of a municipality says. New details from the Department of Information Resources (DIR) put the number of victims at 22, with evidence pointing to a single party responsible for the attacks.


Hacking group targets organizations focused on North Korea's missile program


Malware

First‑of‑its‑kind spyware sneaks into Google Play

ESET researchers have discovered the first known spyware that is built on the foundations of AhMyth open-source malware and has circumvented Google’s app-vetting process. The malicious app, called Radio Balouch aka RB Music, is actually a fully working streaming radio app for Balouchi music enthusiasts, except that it comes with a major sting in its tail – stealing personal data of its users.

Software

Update now! Microsoft patches its Android RDP app to fix flaw

Microsoft has added its Android Remote Desktop Protocol (RDP) app to the list of client software that needs updating to fix a security flaw first made public as part of July’s Patch Tuesday. The flaw, tracked as CVE-2019-1108, was described as an information disclosure issue that could allow an attacker “to connect remotely to an affected system and run a specially crafted application.”

Exploits

Researcher Discloses Second Steam Zero-Day After Valve Bug Bounty Ban

A researcher has disclosed a zero-day privilege-escalation vulnerability for the Steam gaming client after he said he was barred from the bug bounty program of Steam’s owner, Valve. The vulnerability is the second zero-day privilege-escalation vulnerability that has been released by independent researcher Vasily Kravets in two weeks for the Steam gaming client, which is a video game digital distribution platform developed by Valve Corporation.


Cisco warns about public exploit code for critical flaws in its smart switches

Cisco has fixed over 30 vulnerabilities in various solutions, including Cisco UCS Director, Cisco UCS Director Express for Big Data, Cisco IMC Supervisor, and the Cisco 220 Series smart switches. Users of Cisco UCS Director and Cisco UCS Director Express for Big Data are advised to upgrade to versions 6.7.3.0 and 3.7.3.0, respectively.


Backdoor Found in Utility for Linux, Unix Servers

In an unnerving twist, when a critical zero-day vulnerability was reported in a Unix administration tool, called Webmin, it was revealed the flaw was no accident. According to researchers, the vulnerability was a secret backdoor planted in the popular utility nearly a year before its discovery. The backdoor gave anyone with knowledge of its existence the ability to execute commands as root, meaning an attacker could take control of the targeted endpoint.