IT Security Newsletter

IT Security Newsletter - 8/30/2023

Written by Cadre | Wed, Aug 30, 2023

U.S. Hacks QakBot, Quietly Removes Botnet Infections

The U.S. government today announced a coordinated crackdown against QakBot, a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. The international law enforcement operation involved seizing control over the botnet's online infrastructure, and quietly removing the Qakbot malware from tens of thousands of infected Microsoft Windows computers.

University of Michigan shuts down network after cyberattack

The University of Michigan has taken all of its systems and services offline to deal with a cybersecurity incident, causing a widespread impact on online services the night before classes started. University of Michigan (U-M) is one of the oldest and largest educational institutes in the United States, employing over 30,000 academic and administrative staff and having roughly 51,000 students.

Japan's cybersecurity agency admits it was hacked for months

Japan's National Center of Incident Readiness and Strategy for Cybersecurity (NISC), the agency responsible for the nation's defences against cyber attacks, has itself been hacked. As the Financial Times reports, the Chinese military are suspected of being behind a security breach that saw hackers infiltrate Japan's NISC for as long as nine months. At the start of this month, on August 4 2023, Japan's NISC went public about a security breach that had resulted in email conversations being exposed.

Unpatched Citrix NetScaler Devices Targeted by Ransomware Group FIN8

Citrix NetScaler ADC and NetScaler Gateway are at heightened risk of opportunistic attacks by a ransomware group likely linked to the financially motivated FIN8 threat actor. The critical code injection vulnerability is being tracked as CVE-2023-3519 and affects multiple versions of Citrix' application delivery, load balancing, and remote access technologies.

BGP Flaw Can Be Exploited for Prolonged Internet Outages

A serious flaw affecting several major Border Gateway Protocol (BGP) implementations can be exploited to cause prolonged internet outages, but some vendors are not patching it, a researcher warned on Tuesday. The issue was discovered by Ben Cox, the owner of BGP.Tools, a company that provides monitoring services to help organizations quickly identify and address BGP-related issues.

FBI confirms Barracuda patch is not effective for exploited ESG appliances

In an FBI Flash about a Barracuda ESG vulnerability, listed as CVE-2023-2868, the FBI has stated that the patches released by Barracuda in response to this CVE were ineffective for anyone previously infected. Although both Barracuda and Mandiant have already made this determination, the agency says it has "independently verified" it. As we explained in an earlier post, the zero-day vulnerability was reportedly used in targeted attacks for months before the patch was issued.

  • ...in 1797, English novelist Mary Shelley, whose "Frankenstein; or, The Modern Prometheus" is considered one of the first works of science fiction, is born in London.
  • ...in 1945, Gen. Douglas MacArthur lands in Japan to accept the nation's formal surrender to the Allied Powers, and to organize the postwar occupation government.
  • ...in 1956, writer and comedian Frank Conniff Jr., AKA "TV's Frank" from "Mystery Science Theater 3000", is born in New York City.
  • ...in 1967, Thurgood Marshall becomes the first African-American Justice to be confirmed to the Supreme Court.