IT Security Newsletter - 8/8/2023
North Korean Hackers Targeted Russian Missile Developer
A Russian defense industrial base organization specializing in missiles and military spacecraft appears to have been targeted by two important North Korean hacking groups. On the surface it seems that North Korea is one of Russia's strongest allies since the start of the Ukraine war, with Pyongyang recently showing off its missiles to Russian officials. However, research conducted by cybersecurity firm SentinelOne appears to show that North Korea is actually targeting Russia in cyberspace.
Colorado Department of Higher Education warns of massive data breach
The Colorado Department of Higher Education (CDHE) discloses a massive data breach impacting students, past students, and teachers after suffering a ransomware attack in June. In a 'Notice of Data Incident' published on the CDHE website, the Department says they suffered a ransomware attack on June 19th, 2023. "On June 19, 2023, CDHE became aware it was the victim of a cybersecurity ransomware incident that impacted its network systems," explains the data breach notification.
Burger King Serves Up Sensitive Data, No Mayo
A misconfiguration in the site for Burger King France has exposed sensitive data that could have been used to launch a whopper of a cyberattack against the chain. Researchers at Cybernews found the flaw and noted that a similar 2019 misconfiguration had leaked information on kids who bought Burger King menus. The most recent Burger King data leak incident exposed database credentials, and what researchers think are job posts and applicant data.
Ransomware attack on Prospect Medical Holdings impacts hospitals across 4 states
A ransomware attack against Prospect Medical Holdings disrupted healthcare services across multiple states last week, prompting multiple hospital closures as response and recovery efforts are underway. "Prospect Medical Holdings recently experienced a data security incident that has disrupted our operations," the healthcare provider said Friday in a statement. The California-based company operates 16 hospitals and more than 165 clinics and outpatient facilities in four other states.
Report: New ransomware gang emerges in Vietnam
Cybersecurity researchers at Cisco Talos have discovered a new ransomware gang operating out of Vietnam, the latest addition to an increasingly crowded cybercriminal landscape in Southeast Asia. Targeting victims in English-speaking countries, as well as Bulgaria, China, and Vietnam, the gang uses a Yashma ransomware variant that downloads a ransomware note from an account dubbed "nguyenvietphat" on the code-sharing platform GitHub, evading some endpoint detection and antivirus software, Cisco's report finds.
Clop ransomware now uses torrents to leak data and evade takedowns
The Clop ransomware gang has once again altered extortion tactics and is now using torrents to leak data stolen in MOVEit attacks. Starting on May 27th, the Clop ransomware gang launched a wave of data-theft attacks exploiting a zero-day vulnerability in the MOVEit Transfer secure file transfer platform. Exploiting this zero-day allowed the threat actors to steal data from almost 600 organizations worldwide before they realized they were hacked.
AI researchers claim 93% accuracy in detecting keystrokes over Zoom audio
By recording keystrokes and training a deep learning model, three researchers claim to have achieved upwards of 90 percent accuracy in interpreting remote keystrokes, based on the sound profiles of individual keys. In their paper "A Practical Deep Learning-Based Acoustic Side Channel Attack on Keyboards," UK researchers Joshua Harrison, Ehsan Toreini, and Maryam Mehrnezhad claim that the trio of ubiquitous machine learning, microphones, and video calls "present a greater threat to keyboards than ever."
Threat actors abuse valid accounts using manual tactics, CrowdStrike says
Threat actors are spurning the rise of automation and using manual tactics to intrude into organizations' networks and rapidly access sensitive data, according to CrowdStrike's 2023 Threat Hunting Report released Tuesday. Attacks that use hands-on-keyboard activity, which CrowdStrike refers to as interactive intrusions, jumped 40% between July 1, 2022 and June 30, 2023, the research found. Threat actors used valid account credentials to initiate more than 3 in 5 of these attacks.
Physicists achieve fusion with net energy gain for second time
US government scientists have achieved net energy gain in a fusion reaction for the second time, a result that is set to fuel optimism that progress is being made toward the dream of limitless, zero-carbon power. Physicists have since the 1950s sought to harness the fusion reaction that powers the Sun, but until December no group had been able to produce more energy from the reaction than it consumes, a condition also known as ignition.
- ...in 1945, President Harry S. Truman signs the United Nations Charter and the United States becomes the first nation to complete the ratification process.
- ...in 1945, the Soviet Union officially declares war on Japan, pouring more than 1 million Soviet soldiers into Japanese-occupied Manchuria.
- ...in 1974, in an evening televised address, President Richard M. Nixon announces his intention to resign in the wake of the Watergate scandal.
- ...in 1988, the Chicago Cubs host Wrigley Field's first ever night game.