IT Security Newsletter

IT Security Newsletter - 8/5/2024

Written by Cadre | Mon, Aug 5, 2024

Chinese hackers compromised an ISP to deliver malicious software updates

APT StormBamboo compromised an undisclosed internet service provider (ISP) to poison DNS queries and thus deliver malware to target organizations, Volexity researchers have shared. StormBamboo (aka Evasive Panda, aka StormCloud), a Chinese-speaking threat actor that focuses on cyberespionage, has a penchant for compromising third parties to breach intended targets.

Scammers are impersonating cryptocurrency exchanges, FBI warns

The Federal Bureau of Investigation (FBI) issued a public service announcement warning the public about scammers impersonating cryptocurrency exchange employees to steal funds. There are many types of crypto-related scams, but in this case, the FBI provided an advisory about scammers that contact the target and pretend to be employees of a cryptocurrency exchange.

Israeli hacktivist group brags it took down Iran's internet

Israel-based hacktivists are taking credit for an ongoing internet outage in Iran. Operating under the name WeRedEvils, the group has been around since at least October 2023, likely as a direct consequence of Hamas's attack on Israel, which led to the current Gaza war. "In the coming minutes we will attack systems and internet providers in Iran," WeRedEvils said on Telegram yesterday. "A hard blow is on the way."

CrowdStrike outage renews supply chain concerns, federal officials say

Federal officials said the global IT outage stemming from a faulty CrowdStrike software update is raising prior concerns about the security of the software supply chain. The U.S. Government Accountability Office released a report Tuesday noting the July 19 outage, which led to the disruption of 8.5 million Microsoft Windows systems. The CrowdStrike incident resurrected concerns raised during the state-linked supply chain attack against SolarWinds in 2020, according to the GAO.

Google gamed into advertising a malicious version of Authenticator

Scammers have been using Google's own ad system to fool people into downloading a borked copy of the Chocolate Factory's Authenticator software. A team at security shop Malwarebytes spotted the adverts, which appear to come from a Google-approved domain - and from a verified user - earlier this week. They even list the domain for the download as coming from google.com, as you can see below, even though it defaults to a GitHub download.

Surge in Magniber ransomware attacks impact home users worldwide

A massive Magniber ransomware campaign is underway, encrypting home users' devices worldwide and demanding thousand-dollar ransoms to receive a decryptor. Magniber launched in 2017 as a successor to the Cerber ransomware operation when it was spotted being distributed by the Magnitude exploit kit. Since then, the ransomware operation has seen bursts of activity over the years, with the threat actors utilizing various methods to distribute Magniber and encrypt devices.

Apache OFBiz Users Warned of New and Exploited Vulnerabilities

Organizations using Apache OFBiz are being urged to patch a critical vulnerability, following reports of increasing exploitation attempts targeting another recently discovered security hole. The new vulnerability, tracked as CVE-2024-38856, was disclosed over the weekend. According to Apache OFBiz developers, versions through 18.12.14 are impacted and 18.12.15 includes a fix.

Disney, Nike, IBM Signatures Anchor 3M Fake Emails a Day

Millions of near-undetectable emails impersonating blue chip companies were spreading every day through the first half of 2024, thanks to some permissive features of Microsoft 365 and Proofpoint's email protection service. Proofpoint's secure email gateway (SEG) is a kind of firewall for corporate emails, filtering what comes in and applying authentication to what goes out.

  • ...in 1858, the first transatlantic telegraph cable is completed.
  • ...in 1884, the cornerstone for the Statue of Liberty is laid on the former Bedloe's Island (now Liberty Island) in New York Harbor.
  • ...in 1914, the first electric traffic signal lights are installed in Cleveland, Ohio.
  • ...in 1926, magician and escape artist Harry Houdini performs his greatest feat, apparently spending 91 minutes in a sealed underwater tank before escaping.