IT Security Newsletter - 9/13/2021
Meris Botnet Flexes Muscles With 22 Million RPS DDoS Attack
A series of record-breaking RPS-based distributed denial of service (DDoS) attacks observed over the past month are the result of a new, powerful botnet flexing its muscles to prove its capabilities. Referred to as Meris (the Latvian word for plague), the botnet is apparently responsible for the largest recorded application layer DDoS assault to date, which, less than a week ago, peaked at 21.8 million requests per second (RPS).
MyRepublic Data Breach Raises Data-Protection Questions
Almost 79,400 MyRepublic mobile subscribers have been caught up in a data breach that exposed a range of personal information, the company has confirmed. The Singapore-based ISP and mobile provider said that an "unauthorized data access incident" took place on August 29. The intrusion in question was aimed at a third-party data storage platform used to store the personal data of MyRepublic's mobile customers, the firm noted, in a Friday website notice.
BlackMatter ransomware hits medical technology giant Olympus
Olympus, a leading medical technology company, is investigating a "potential cybersecurity incident" that impacted some of its EMEA (Europe, Middle East, Africa) IT systems last week. Olympus has more than 31,000 employees worldwide and over 100 years of history developing for the medical, life sciences, and industrial equipment industries. The company's camera, audio recorder, and binocular divisions have been transferred to OM Digital Solutions since January 2021.
REvil ransomware is back in full attack mode and leaking data
The REvil ransomware gang has fully returned and is once again attacking new victims and publishing stolen files on a data leak site. Since 2019, the REvil ransomware operation, aka Sodinokibi, has been conducting attacks on organizations worldwide where they demand million-dollar ransoms to receive a decryption key and prevent the leaking of stolen files.
Android malware distributed in Mexico uses Covid-19 to steal financial credentials
McAfee Mobile Malware Research Team has identified malware targeting Mexico. It poses as a security banking tool or as a bank application designed to report an out-of-service ATM. In both instances, the malware relies on the sense of urgency created by tools designed to prevent fraud to encourage targets to use them. This malware can steal from its victims the authentication factors needed to access their accounts at the targeted financial institutions in Mexico.
Hacker-made Linux Cobalt Strike beacon used in ongoing attacks
An unofficial Linux version of the Cobalt Strike Beacon, written from scratch by unknown threat actors, has been spotted by security researchers while actively used in attacks targeting organizations worldwide. Cobalt Strike is a legitimate penetration testing tool designed as an attack framework for red teams (groups of security professionals who act as attackers on their own org's infrastructure to discover security gaps and vulnerabilities).
- ...in 1814, Francis Scott Key writes the poem "Defence of Fort McHenry", which would later be set to music as "The Star-Spangled Banner".
- ...in 1925, jazz singer/songwriter Mel Torme, "The Velvet Fog", is born in Chicago, IL.
- ...in 1939, 7-foot-tall actor Richard Kiel, best known as the metal-mouthed henchman "Jaws" from multiple James Bond films, is born in Detroit, MI.
- ...in 1985, Nintendo releases Super Mario Bros. for the Nintendo Entertainment System.