<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 8/30/2022

SHARE

Breaches

Nelnet Servicing breach exposes data of 2.5M student loan accounts

Data for over 2.5 million individuals with student loans from Oklahoma Student Loan Authority (OSLA) and EdFinancial was exposed after hackers breached the systems of technology services provider Nelnet Servicing. Technology services from Nelnet Servicing, including a web portal, are used by OSLA and EdFinancial to give online access students taking out a loan access to their loan accounts. READ MORE...


Twilio discloses more victims as phishing attack effects cascade

Twilio keeps discovering more victims as it continues to investigate the downstream impacts of a sophisticated phishing attack earlier this month. The company, in a Wednesday update, said it identified 163 customers whose data was compromised. Twilio previously said the attack impacted 125 customers. Twilio said it made multiple internal security improvements following the attack. READ MORE...

Hacking

Leading library services firm Baker & Taylor hit by ransomware

Baker & Taylor, which describes itself as the world's largest distributor of books to libraries worldwide, today confirmed it's still working on restoring systems after being hit by ransomware more than a week ago. As Baker & Taylor said on August 23, its servers were down after an outage that impacted the company's phone systems, offices, and service centers. READ MORE...


Chinese hackers zero in on Australian manufacturers, wind turbine operators

A Chinese-based cyberespionage group targeted Australian officials with reconnaissance malware to siphon off details about the victims hackers could use to execute more targeted strikes, researchers with cybersecurity firm Proofpoint and the PwC Threat Intelligence team said in joint research published Tuesday. The cyberespionage campaign that focused on government, energy and manufacturing personnel in the Asia-Pacific region deployed phishing emails directing targets to a fake news outlet. READ MORE...

Trends

FBI Warns of Surge in Attacks Targeting DeFi Platforms

The FBI is warning of an increase in attacks targeting decentralized finance (DeFi) platforms to steal cryptocurrency. According to the agency, miscreants are taking advantage of the increased interest in cryptocurrency and the complex functionality and the open source nature of DeFi platforms to perform nefarious activities. Cybercriminals are exploiting security flaws in the smart contracts governing DeFi platforms to steal virtual currency and cause investors to lose money, the FBI says. READ MORE...

Malware

That 'clean' Google Translate app is actually Windows crypto-mining malware

Watch out: someone is spreading cryptocurrency-mining malware disguised as legitimate-looking applications, such as Google Translate, on free software download sites and through Google searches. The cryptomining Trojan, known as Nitrokod, is typically disguised as a clean Windows app and works as the user expects for days or weeks before its hidden Monero-crafting code is executed. READ MORE...

Information Security

LastPass source code breach - do we still recommend password managers?

As you no doubt already know, because the story has been all over the news and social media recently, the widely-known and widely-used password manager LastPass last week reported a security breach. The breach itself actually happened two weeks before that, the company said, and involved attackers getting into the system where LastPass keeps the source code of its software. From there, LastPass reported, the attackers "took portions of source code and some proprietary LastPass technical information." READ MORE...

On This Date

  • ...in 1797, English novelist Mary Shelley, whose "Frankenstein; or, The Modern Prometheus" is considered one of the first works of science fiction, is born in London.
  • ...in 1945, Gen. Douglas MacArthur lands in Japan to accept the nation's formal surrender to the Allied Powers, and to organize the postwar occupation government.
  • ...in 1956, writer and comedian Frank Conniff Jr., AKA "TV's Frank" from "Mystery Science Theater 3000", is born in New York City.
  • ...in 1967, Thurgood Marshall becomes the first African-American Justice to be confirmed to the Supreme Court.