IT Security Newsletter - 8/22/2022

Written by Cadre | Mon, Aug 22, 2022

Fake Reservation Links Prey on Weary Travelers

A longtime threat group identified as TA558 has ramped up efforts to target the travel and hospitality industries. After a lull in activity, believed to be tied to COVID-related travel restrictions, the group has stepped up campaigns to exploit an uptick in travel and related airline and hotel bookings. The warnings come from security researchers who say TA558 cybercriminals have revamped their 2018 campaigns with fake reservation emails that deliver a malware payload.

Textile Company Sferra Discloses Data Breach

Textile company Sferra Fine Linens on Friday announced that it has started notifying individuals of a cybersecurity incident involving their personal information. Founded in 1891, Sferra designs and sells Italian-made luxury linen products, including luxury sheets, table linens, and bedding collections, as well as decorative home accessories. Sferra has announced that it identified the incident on April 24, but that the threat actor had access to its servers for roughly two weeks prior to that.

Hackers steal crypto from Bitcoin ATMs by exploiting zero-day bug

Hackers have exploited a zero-day vulnerability in General Bytes Bitcoin ATM servers to steal cryptocurrency from customers. When customers would deposit or purchase cryptocurrency via the ATM, the funds would instead be siphoned off by the hackers. General Bytes is the manufacturer of Bitcoin ATMs that, depending on the product, allow people to purchase or sell over 40 different cryptocurrencies.

State-Sponsored APTs Dangle Job Opps to Lure In Spy Victims

Fake job offers have become a top phishing tactic for state-sponsored threat actors to lure in unsuspecting targets in the wake of the COVID-19 pandemic, as many reconsider their careers amid growing demand for skilled workers and managers. The cyber-threat analyst team at PwC, which has followed a prime example of this (the Lazarus Group's Operation In(ter)ception) closely, presented a detailed account of the Lazarus campaign and how the group implemented the strategy.

New Open Source Tool Shows Code Injected Into Websites by In-App Browsers

A researcher has conducted an analysis to see how major companies could track user activity through their mobile in-app browsers, and released a free and open source tool that allows anyone to check what code is being injected by such browsers. Some mobile applications use built-in browsers to allow users to quickly access third-party websites. Other apps include a browser to load their own resources, which may be needed to perform various activities.

Tech support scammers target Microsoft users with fake Office 365 USB sticks

Microsoft is a hot target for scammers and acts of fraud. For example, tech support scam websites cover themselves in Windows branding and messages. Phone scammers claim to be calling directly from Microsoft. If it's not a Bill Gates-themed lottery spam mail in your mailbox, it's a fake Excel spreadsheet laden with dangerous macros. Well, Microsoft is now issuing a warning related to a recent scam riding on the coat-tails of their branding.

FBI Warns of Proxies and Configurations Used in Credential Stuffing Attacks

The Federal Bureau of Investigation (FBI) has raised an alarm about cybercriminals using proxies and configurations to hide and automate credential stuffing attacks against companies in the United States. Credential stuffing attacks, also called account cracking, involve trying to access online accounts using username and password combinations taken from existing data leaks or purchased on dark web portals.

An encrypted ZIP file can have two correct passwords - here's why

Password-protected ZIP archives are a common means of compressing and sharing sets of files, from sensitive documents to malware samples to even malicious files (i.e. phishing "invoices" in emails). But did you know it is possible for an encrypted ZIP file to have two correct passwords, with both producing the same outcome when the ZIP is extracted? Arseniy Sharoglazov, a cybersecurity researcher at Positive Technologies, shared a simple experiment over the weekend.

  • ...in 1776, British troops land at Long Island in preparation for the capture and occupation of New York City, lasting until the end of the Revolutionary War in 1783.
  • ...in 1864, the International Red Cross is founded as part of the first Geneva Convention, to provide humanitarian aid in times of war.
  • ...in 1902, the Cadillac Motor Car Division is founded from the remnants of the Henry Ford Company.
  • ...in 1989, Texas Ranger Nolan Ryan becomes the first MLB pitcher to record 5,000 strikeouts.