IT Security Newsletter - 8/27/2021
Chinese Developer Exposes Data on Over One Million Gamers
A Chinese game developer has unwittingly exposed the personal and device details of over a million players after leaving an internet-facing server unsecured, according to researchers. A team at vpnMentor, led by Noam Rotem and Ran Locar, discovered the unprotected Elasticsearch server on July 5. After no reply from its owner, EskyFun Entertainment Network Limited, they contacted the Hong Kong CERT, and the next day, July 28, the database was secured.
Man Sues Parents of Teens Who Hijacked Nearly $1M in Bitcoin
When Colorado resident Andrew Schober downloaded the Electrum Atom Bitcoin wallet from Reddit, he also picked up a piece of clipboard hijacking malware that eventually redirected his 16.4552 Bitcoin to a wallet controlled by two teenagers living in the U.K. At today's price, 16.4552 Bitcoin would be worth ~$773,000. After spending years and around $10,000 on experts to track down the threat actors, Schober identified the culprits as Benedict Thompson and Oliver Read, now adults who are studying computer science.
Ragnarok ransomware releases master decryptor after shutdown
The Ragnarok ransomware gang appears to have called it quits and released the master key that can decrypt files locked with their malware. The threat actor did not leave a note explaining the move; all of a sudden, they replaced all the victims on their leak site with a short instruction on how to decrypt files. The leak site has been stripped of visual elements. All that remains there is the brief text linking to an archive containing the master key and the accompanying binaries for using it.
FBI Warns Businesses of New Hive Ransomware
The FBI has issued a warning to firms about an increasingly prolific new ransomware variant known as Hive. The Flash alert posted this week noted that the affiliate-based ransomware uses multiple mechanisms to compromise corporate networks, making it harder for defenders to mitigate. It noted that these include phishing emails with malicious attachments to gain initial access and the hijacking of Remote Desktop Protocol (RDP) to move laterally.
FIN8 Hackers Add 'Sardonic' Backdoor to Malware Arsenal
The financially motivated threat actor tracked as FIN8 has added a potent new backdoor to its arsenal and is already using it in attacks in the wild, according to researchers at endpoint security firm Bitdefender. Active since at least 2016, FIN8 made a reputation for itself with the targeting of point-of-sale systems, but appears to have strengthened its portfolio with a more potent utility.
Microsoft warns Azure customers of critical Cosmos DB vulnerability
Microsoft has warned thousands of Azure customers that a now-fixed critical vulnerability found in Cosmos DB allowed any user to remotely take over other users' databases by giving them full admin access without requiring authorization. Azure Cosmos DB is a globally distributed and fully managed NoSQL database service used by high-profile customers, including Mercedes Benz, Symantec, Coca-Cola, Exxon-Mobil, and Citrix.
Big bad decryption bug in OpenSSL - but no cause for alarm
The well-known and widely used encryption library OpenSSL released a security patch earlier this week. OpenSSL, as its name suggests, is mainly used by network software that uses the TLS protocol (transport layer security), formerly known as SSL (secure sockets layer), to protect data in transit. Although TLS has now replaced SSL, many of the popular open source programming libraries that support it have kept old-school product names for the sake of familiarity.
- ...in 1859, Edwin Drake strikes oil at 69 feet near Titusville, Pennsylvania, the world's first successful oil well.
- ...in 1883, the most powerful volcanic eruption in recorded history occurs on Krakatoa, off the coast of Indonesia.
- ...in 1904, Newport, RI imposes the first jail sentence for a speeding violation.
- ...in 1964, the Beatles perform at the Cincinnati Gardens.