IT Security Newsletter - 8/9/2024
Stolen data from scraping service National Public Data leaked online
Cybercriminals are offering a large database for sale that may include your data without you even being aware of its existence. The stolen data comes from a data scraping service trading under the name "scraping" which was allegedly breached by a cybercriminal group by the name of USDoD. In April, a member of this group posted the database, which contains the data of some 2.9 billion people, up for sale for $3.5 million. READ MORE...
Iran Is Accelerating Cyber Activity That Appears Meant to Influence the US Election, Microsoft Says
Iran is accelerating online activity that appears intended to influence the U.S. election, in one case targeting a presidential campaign with an email phishing attack, Microsoft said Friday. Iranian actors also have spent recent months creating fake news sites and impersonating activists, laying the groundwork to stoke division and potentially sway American voters this fall, especially in swing states, the technology giant found. READ MORE...
Malware-as-a-Service and Ransomware-as-a-Service lower barriers for cybercriminals
The sophistication of cyber threats has escalated dramatically, with malicious actors' deploying advanced tactics, techniques, and procedures (TTPs) to exploit vulnerabilities and evade detection, according to Darktrace. Subscription-based tools such as Malware-as-a-Service (MaaS) and Ransomware-as-a-Service (RaaS) have also lowered the barrier-to-entry for less experienced attackers, making it easier to carry out complex, multistage attacks. READ MORE...
Nashville man arrested for aiding North Korean remote IT worker fraud
A Nashville resident was arrested Thursday on charges of facilitating a remote IT-worker scheme that funneled hundreds of thousands of dollars to North Korea's illicit weapons program. Matthew Isaac Knoot, 38, allegedly assisted North Korean IT workers in getting hired by U.S. and British companies under false identities. The indictment details a complex operation where Knoot allegedly used stolen identities to obtain remote work for North Korean nationals. READ MORE...
How to Weaponize Microsoft Copilot for Cyberattackers
Enterprises are implementing Microsoft's Copilot AI-based chatbots at a rapid pace, hoping to transform how employees gather data and organize their time and work. But at the same time, Copilot is also an ideal tool for threat actors. Security researcher Michael Bargury says attackers can use Copilot to search for data, exfiltrate it without producing logs, and socially engineer victims to phishing sites even if they don't open emails or click on links. READ MORE...
Vulnerability Allowed Eavesdropping via Sonos Smart Speakers
NCC Group researchers have disclosed vulnerabilities found in Sonos smart speakers, including a flaw that could have been exploited to eavesdrop on users. One of the vulnerabilities, tracked as CVE-2023-50809, can be exploited by an attacker who is in Wi-Fi range of the targeted Sonos smart speaker for remote code execution. The researchers demonstrated how an attacker targeting a Sonos One speaker could have used this vulnerability to take control of the device, covertly record audio, and more. READ MORE...
CISA warns about actively exploited Apache OFBiz RCE flaw
The U.S. Cybersecurity & Infrastructure Security Agency is warning of two vulnerabilities exploited in attacks, including a path traversal impacting Apache OFBiz. Apache OFBiz (Open For Business) is a popular open-source enterprise resource planning (ERP) system that provides a suite of business applications to manage various aspects of an organization. Due to its versatility and cost-effectiveness, it's used in a wide range of industries and business sizes. READ MORE...
Cisco warns of critical RCE zero-days in end of life IP phones
Cisco is warning of multiple critical remote code execution zero-days in the web-based management interface of the end-of-life Small Business SPA 300 and SPA 500 series IP phones. The vendor has not made fixes available for these devices and shared no mitigation tips, so users of those products will have to move to newer and actively supported models as soon as possible. READ MORE...
- ...in 1892, Thomas Edison receives a patent for a two-way telegraph system.
- ...in 1936, track star Jesse Owens wins his fourth gold medal of the Berlin Olympics in the 4x100-meter relay.
- ...in 1968, actress Gillian Anderson ("The X-Files", "The Crown") is born in Chicago, IL.
- ...in 2010, JetBlue flight attendant Steven Slater quits his job in dramatic style by sliding down his plane's emergency-escape chute.