IT Security Newsletter

IT Security Newsletter - 8/3/2020

Written by Cadre | Mon, Aug 3, 2020

Florida teen charged as "mastermind" in Twitter hack hitting Biden, Bezos, and others

Authorities on Friday charged three people with orchestrating this month's epic hack of Twitter and using it to generate more than $100,000 in a bitcoin scam promoted by hijacked accounts of politicians, executives, and celebrities. Federal prosecutors in San Francisco charged Mason Sheppard, 19, Nima Fazeli, 22, and an unnamed juvenile in the July 15 breach. Prosecutors in Florida, where the juvenile defendant lives, identified him as 17-year-old Graham Ivan Clark and charged him with 30 felony charges. READ MORE...

Havenly discloses data breach after 1.3M accounts leaked online

Havenly, a US-based interior design web site, has disclosed a data breach after a hacker posted a database containing 1.3 million user records for free on a hacker forum. Havenly is an online interior design and home decoration site where users can get help designing a room in their house from certified designers. Last week, BleepingComputer reported that the ShinyHunters hacking group had leaked the databases for 18 companies on a hacker forum for free. READ MORE...

Another guilty plea in $568 million Infraud crime ring

A Moldovan man on Friday became the second person in as many months to plead guilty to being part of Infraud, a $568 million cybercriminal enterprise that stole payment cards and personal data from around the world, the U.S. Department of Justice said. 30-year-old Valerian Chiochiu, who allegedly trained Infraud members on writing and deploying malware, appeared before a judge in federal court in Nevada, U.S. officials said. READ MORE...

CWT Travel Agency Faces $4.5M Ransom in Cyberattack, Report

CWT, a giant in the corporate travel agency world with a global clientele, may have faced payment of $4.5 million to unknown hackers in the wake of a ransomware attack. Independent malware hunter @JAMESWT tweeted on Thursday that a malware sample used against CWT (formerly known as Carlson Wagonlit Travel) had been uploaded to VirusTotal on July 27, he also included a ransom note indicating that the ransomware in question is Ragnar Locker. READ MORE...

Red Hat and CentOS systems aren't booting due to BootHole patches

Early this morning, an urgent bug showed up at Red Hat's bugzilla bug tracker-a user discovered that the RHSA_2020:3216 grub2 security update and RHSA-2020:3218 kernel security update rendered an RHEL 8.2 system unbootable. The bug was reported as reproducible on any clean minimal install of Red Hat Enterprise Linux 8.2. The patches were intended to close a newly discovered vulnerability in the GRUB2 boot manager called BootHole. READ MORE...

Confirmed: Garmin received decryptor for WastedLocker ransomware

BleepingComputer can confirm that Garmin has received the decryption key to recover their files encrypted in the WastedLocker Ransomware attack. On July 23rd, 2020, Garmin suffered a worldwide outage where customers could not access their connected services, including the Garmin Connect, flyGarmin, Strava, inReach solutions. BleepingComputer was the first to confirm that they suffered a cyberattack by the WastedLocker Ransomware operators after employees shared photos of encrypted workstations. READ MORE...

10 billion records exposed in unsecured databases, study says

Researchers have found close to 10.5 billion pieces of consumer data that has been left sitting in almost 10,000 unsecured internet-facing databases hosted across 20 countries. The data is said to include email addresses, passwords, and phone numbers. The study was conducted by NordPass between June 2019 and June 2020 in cooperation with an unnamed white hat hacker, who scanned the web for Elasticsearch and MongoDB libraries in search of misconfigured databases. READ MORE...

4 Unpatched Bugs Plague Grandstream ATAs for VoIP Users

Multiple high-severity vulnerabilities in the Grandstream HT800 series of Analog Telephone Adaptors (ATAs) threaten home office and midrange users alike, with outages, eavesdropping and device takeover. The HT800 series of ATAs is designed for everyone from home or small-office users to medium-sized businesses, looking to connect their analog telephone devices to a VoIP network, unified communications system or other IP-based communications infrastructure. READ MORE...

  • ...in 1492, Christopher Columbus leaves Spain on his voyage to the new world.
  • ...in 1807, former Vice President Aaron Burr is put on trial for treason, after allegedly leading a secessionist plot to take over the western territories.
  • ...in 1958, the first nuclear submarine, USS Nautilus, passes under the North Pole.
  • ...in 1977, Tandy unveils the TRS-80 PC, which with Apple and Commodore would form the "1977 Trinity" of affordable home computers.