
IT Security Newsletter - 8/24/2023


Top News

Hackers target Pentagon contract site via compromised routers

A hacking campaign leveraging compromised routers in Europe and Latin America that went dark this spring has resumed operations, and is now targeting U.S. Department of Defense procurement sites and organizations in Taiwan, according to research from Black Lotus Labs, the security research arm of Lumen. The recent attacks share some similarities with recent campaigns, including Volt Typhoon. READ MORE...

Hacking

Lapsus$ teen hackers convicted of high-profile cyberattacks

A London jury has found that an 18-year-old member of the Lapsus$ data extortion gang helped hack multiple high-profile companies, stole data from them, and demanded a ransom threatening to leak the information. Believed to be one of the leaders of the group, Arion Kurtaj, from Oxford, England, was arrested twice in 2022, first in January and then again in March, in connection with Lapsus$ hacking activity. READ MORE...


North Korea may be itching to sell $40m of purloined Bitcoin

Lazarus Group, the infamous cryptocurrency thieves backed by North Korea, may try to liquidate a stash of stolen Bitcoin worth more than $40 million, according to the FBI. In an alert issued on Tuesday, agents said they tracked the purloined cryptocurrency over the past 24 hours. During the investigation, they found that Kim Jong Un's cyber goons, which the FBI calls TraderTraitor and which are more widely known as Lazarus Group, moved about 1,580 Bitcoin from several cryptocurrency heists. READ MORE...

Malware

North Korea's Lazarus Group Used GUI Framework to Build Stealthy RAT

In recent attacks against healthcare organizations and an Internet infrastructure company, North Korea's famous Lazarus Group deployed a new, ultra-compact, highly evasive remote access Trojan (RAT) called "QuiteRAT." QuiteRAT is an upgraded version of another RAT the group deployed in 2022, "MagicRAT," itself a follow-up from 2021's "TigerRAT." QuiteRAT can pilfer information about its host machine and user, as well as run commands. READ MORE...

Exploits/Vulnerabilities

Adobe ColdFusion vulnerability exploited in the wild

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Adobe ColdFusion vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This means that Federal Civilian Executive Branch (FCEB) agencies need to remediate this vulnerability by September 11, 2023 to protect their networks against active threats. READ MORE...


Over 3,000 Openfire servers vulnerable to takeover attacks

Thousands of Openfire servers remain vulnerable to CVE-2023-32315, an actively exploited path traversal vulnerability that allows an unauthenticated user to create new admin accounts. Openfire is a widely used Java-based open-source chat (XMPP) server downloaded 9 million times. On May 23, 2023, it was disclosed that the software was impacted by an authentication bypass issue that affected all versions from 3.10.0, released in April 2015, up to that point. READ MORE...

On This Date

  • ...in 1891, Thomas Edison files a patent for his motion picture camera.
  • ...in 1932, Amelia Earhart is the first woman to fly across the US non-stop.
  • ...in 1989, baseball commissioner A. Bartlett Giamatti bans Cincinnati Reds manager Pete Rose from baseball for gambling.
  • ...in 2006, Pluto is downgraded to a dwarf planet when the International Astronomical Union (IAU) redefines the term "planet."