<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 8/6/2024

SHARE

Breaches

That cyber-heist of 2.9B personal records? There's a class-action lawsuit looming for that

A lawsuit has accused a Florida data broker of carelessly failing to secure billions of records of people's private information, which was subsequently stolen from the biz and sold on an online criminal marketplace. California resident Christopher Hofmann filed the potential class-action complaint against Jerico Pictures, doing business as National Public Data, a Coral Springs-based firm that provides APIs so that companies can perform things like background checks. READ MORE...

Hacking

Low-Drama 'Dark Angels' Reap Record Ransoms

A ransomware group called Dark Angels made headlines this past week when it was revealed the crime group recently received a record $75 million data ransom payment from a Fortune 50 company. Security experts say the Dark Angels have been around since 2021, but the group doesn't get much press because they work alone and maintain a low profile, picking one target at a time and favoring mass data theft over disrupting the victim's operations. READ MORE...


North Korean hackers exploit VPN update flaw to install malware

South Korea's National Cyber Security Center (NCSC) warns that state-backed DPRK hackers hijacked flaws in a VPN's software update to deploy malware and breach networks. The advisory connects this activity with a nationwide industrial factories modernization project Kim Jong-un, the North Korean president, announced in January 2023, believing the hackers are looking to steal trade secrets from South Korea. READ MORE...

Malware

Sneaky SnakeKeylogger slithers into Windows inboxes to steal sensitive secrets

Criminals are preying on Windows users yet again, this time in an effort to hit them with a keylogger that can also steal credentials and take screenshots. In an alert this month, Fortinet's FortiGuard Labs warned of an uptick in SnakeKeylogger infections. Once running on someone's PC, this malware records the victim's keystrokes as they log into things, fishes usernames and passwords out of their files, and takes screenshots to snoop on people. READ MORE...


Ransomware gang targets IT workers with new SharpRhino malware

The Hunters International ransomware group is targeting IT workers with a new C# remote access trojan (RAT) called SharpRhino to breach corporate networks. The malware helps Hunters International achieve initial infection, elevate their privileges on compromised systems, execute PowerShell commands, and eventually deploy the ransomware payload. Quorum Cyber researchers who discovered the new malware report that it is disseminated by a typosquatting site. READ MORE...

Information Security

CrowdStrike rebukes Delta's negligence claims in fiery letter

CrowdStrike struck back forcefully against Delta Air Lines' claims of negligence and misconduct in a letter sent Sunday to the firm representing Delta, signed by attorney Michael Carlinsky. It's the latest in what has become a public dispute following recovery from the global CrowdStrike outage, which was caused by a faulty software update pushed to Windows servers on July 19. READ MORE...


OpenAI has the tech to watermark ChatGPT text-it just won't release it

According to The Wall Street Journal, there's internal conflict at OpenAI over whether to release a watermarking tool that would allow people to test text to see whether it was generated by ChatGPT. To deploy the tool, OpenAI would make tweaks to ChatGPT that would lead it to leave a trail in the text it generates that can be detected by a special tool. The watermark would be undetectable by human readers without the tool. READ MORE...

Exploits/Vulnerabilities

Rockwell PLC Security Bypass Threatens Manufacturing Processes

A security bypass vulnerability in Rockwell Automation ControlLogix 1756 devices could open critical infrastructure to cyberattacks on the operational technology (OT) that controls physical processes. According to Claroty's Team82, the bug (CVE-2024-6242, CVSS 8.4), could allow a remote attacker with network access to the device to send elevated commands to the CPU of a programmable logic controller (PLC), from an untrusted chassis card. READ MORE...


20K Ubiquiti IoT Cameras & Routers Are Sitting Ducks for Hackers

Tens of thousands of small office/home office (SOHO) devices sold by Ubiquiti Inc. are vulnerable on the open Internet to a five-year-old bug, researchers are warning. In January 2019, broadband Internet expert Jim Troutman warned that an exposed port in dozens of Ubiquiti Internet of Things (IoT) gadgets was being exploited in denial-of-service (DoS) attacks. The underlying vulnerability, CVE-2017-0938, was assigned a "high" 7.5 score on the CVSS scale. READ MORE...

On This Date

  • ...in 1911, actress and television producer Lucille Ball is born in Jamestown, NY.
  • ...in 1965, President Lyndon B. Johnson signs the Voting Rights Act of 1965, extending the enforcement of the 14th and 15th Amendments for all Americans.
  • ...in 1996, the influential punk rock group The Ramones play their farewell concert at The Palace in Los Angeles.
  • ...in 2012, Cadre moves to its current headquarters in the PNC Center in Cincinnati.