
IT Security Newsletter - 8/23/2019



Krebs on Security: Breach at Hy-Vee Supermarket Chain Tied to Sale of 5M+ Stolen Credit, Debit Cards

On Tuesday of this week, one of the more popular underground stores peddling credit and debit card data stolen from hacked merchants announced a blockbuster new sale: More than 5.3 million new accounts belonging to cardholders from 35 U.S. states. Multiple sources now tell KrebsOnSecurity that the card data came from compromised gas pumps, coffee shops and restaurants operated by Hy-Vee, an Iowa-based company that operates a chain of more than 245 supermarkets throughout the Midwestern United States.

Illegal Cryptocurrency Mining at Ukraine Nuclear Plant Exposed Sensitive Data

Sensitive information from a nuclear power plant in Ukraine was exposed due to an illegal cryptocurrency mining operation run by workers, according to several media reports. Local media reported that the Security Service of Ukraine (SBU) last month discovered unauthorized computer equipment at the South Ukraine Nuclear Power Station near the city of Yuzhnoukrainsk in the Mykolaiv province.


Emotet Botnet Is Back, Servers Active Across the World

Command and control (C2) servers for the Emotet botnet appear to have resumed activity and are delivering binaries once more, after being inert since the beginning of June. Although it started as a banking trojan in 2014, Emotet later changed course to become a botnet that delivers various malware strains.


Bumper Cisco patches fix four new ‘critical’ vulnerabilities

If you’re a Cisco customer, the company just issued some urgent patching homework in the form of 31 security fixes, including four addressing new flaws rated ‘critical’. Three of the criticals (CVE-2019-1937, CVE-2019-1938, CVE-2019-1974) relate to authentication bypass vulnerabilities affecting the following products.


Cyberbullying: What schools and teachers can do

These days, the internet is woven into people’s everyday lives, and children’s lives are no exception. For all its benefits, the technological evolution has also brought, or magnified, some problems, and cyberbullying is one of the most pervasive threats that youth face online. In fact, when a kid starts to be bullied at school, the harassment usually continues on social networks, messaging apps, and elsewhere on the internet.


Hackers Target Vulnerabilities in Fortinet, Pulse Secure Products

Recently disclosed vulnerabilities affecting enterprise virtual private network (VPN) products from Fortinet and Pulse Secure have been exploited in the wild, a researcher reported on Thursday. Both vulnerabilities allow remote, unauthenticated attackers to access arbitrary files on the targeted systems. The impacted vendors released patches and advisories before the details of the vulnerabilities were made public.

Unpatched Squid Servers Exposed to DoS, Code Execution Attacks

Multiple versions of the Squid web proxy cache server built with Basic Authentication features are currently vulnerable to code execution and denial-of-service (DoS) attacks triggered by the exploitation of a heap buffer overflow security flaw. The vulnerability, present in Squid 4.0.23 through 4.7, is caused by incorrect buffer management, which exposes vulnerable installations to "a heap overflow and possible remote code execution attack when processing HTTP Authentication credentials."