<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 8/4/2022



Spanish research agency still recovering after ransomware attack

The Spanish National Research Council (CSIC) last month was hit by a ransomware attack that is now attributed to Russian hackers. CSIC is a state agency for scientific research and technological development part of the Spanish Ministry of Science and Innovation but with a special status in that it has "its own assets and treasury, functional and managerial autonomy." READ MORE...

Power Electronics Manufacturer Semikron Targeted in Ransomware Attack

German power electronics manufacturer Semikron revealed this week that it has been targeted in a cyberattack. Semikron, which employs 3,000 people across 24 subsidiaries worldwide, makes power modules and systems. Its products are used in motor drives, industrial automation systems, as well as other application areas. In a notice posted on its website on Monday, Semikron said it had been targeted by 'a professional hacker group'. READ MORE...


North Korea-backed hackers have a clever way to read your Gmail

Researchers have unearthed never-before-seen malware that hackers from North Korea have been using to surreptitiously read and download email and attachments from infected users' Gmail and AOL accounts. The malware, dubbed SHARPEXT by researchers from security firm Volexity, uses clever means to install a browser extension for the Chrome and Edge browsers, Volexity reported in a blog post. The extension can't be detected by the email services. READ MORE...

Russian organizations attacked with new Woody RAT malware

Unknown attackers target Russian entities with newly discovered malware that allows them to control and steal information from compromised devices remotely. According to Malwarebytes, one of the Russian organizations that were attacked using this malware is a government-controlled defense corporation. "Based on a fake domain registered by the threat actors, we know that they tried to target a Russian aerospace and defense entity known as OAK," the Malwarebytes Labs researchers said. READ MORE...

Information Security

Ukraine takes down 1,000,000 bots used for disinformation

The Ukrainian cyber police (SSU) has shut down a massive bot farm of 1,000,000 bots used to spread disinformation on social networks. The goal of the bot farm was to discredit information coming from official Ukrainian state sources, destabilize the social and political situation in the country, and create internal strife. The messages spread by the bots were in line with Russian propaganda, so the operators of the disinformation machine are believed to be members of the Russian special services. READ MORE...


Critical RCE Bug in DrayTek Routers Opens SMBs to Zero-Click Attacks

A critical, pre-authenticated remote code execution (RCE) vulnerability has cropped up in the widely used line of DrayTek Vigor routers for smaller businesses. If it's exploited, researchers warn that it could allow complete device takeover, along with access to the broader network. The bug (tracked as CVE-2022-32548) carries the highest vulnerability-severity score on the CVSS scale: 10 out of 10. READ MORE...

Critical Vulnerabilities Allow Hacking of Cisco Small Business Routers

Updates released by Cisco for some of its small business routers patch serious vulnerabilities that could allow threat actors to take control of affected devices. Three vulnerabilities have been identified by external researchers in Cisco's RV160, RV260, RV340, and RV345 series VPN routers. An unauthenticated attacker could exploit the flaws remotely for arbitrary code execution and denial-of-service (DoS) attacks. READ MORE...

On This Date

  • ...in 1914, President Woodrow Wilson and the U.S. declare neutrality in World War I.
  • ...in 1977, President Jimmy Carter signs legislation creating the US Department of Energy.
  • ...in 2007, NASA launches the Phoenix Mars probe to investigate the Martian surface for evidence of water and microbial life.
  • ...in 2011, Paul McCartney performs a live concert at Great American Ball Park in Cincinnati, Ohio.