IT Security Newsletter - 9/13/2023

Top News

Adobe, Apple, Google & Microsoft Patch 0-Day Bugs

Microsoft today issued software updates to fix at least five dozen security holes in Windows and supported software, including patches for two zero-day vulnerabilities that are already being exploited. Also, Adobe, Google Chrome and Apple iOS users may have their own zero-day patching to do. On Sept. 7, researchers at Citizen Lab warned they were seeing active exploitation of a "zero-click," zero-day flaw to install spyware on iOS devices without any interaction from the victim.

Hacking

Hackers steal $53 million worth of cryptocurrency from CoinEx

Global cryptocurrency exchange CoinEx announced that someone hacked its hot wallets and stole large amounts of digital assets that were used to support the platform's operations. The incident occurred on September 12 and preliminary results of the investigation show that the unauthorized transactions involved Ethereum ($ETH), Tron ($TRON), and Polygon ($MATIC) cryptocurrency.


China caught - again - with its malware in another nation's power grid

Espionage-ware thought to have been developed by China has once again been spotted within the power grid of a neighboring nation. According to Symantec's Threat Hunter Team on Tuesday, a team dubbed Redfly infiltrated the national grid of an unnamed Asian nation using the ShadowPad Trojan, stole credentials, installed additional malware, and moved laterally to multiple systems on the infected network during six months of persistent access.

Trends

Compromised credential use jumps 300% in cloud intrusions: IBM

Valid, compromised account credentials were the initial access vector for more than 1 in 3 cloud intrusions observed by IBM Security X-Force during the last year, making it the most common point of entry across all cloud security incidents. Credentials used as an initial access vector for cloud intrusions jumped from 9% in 2022 to 36% this year, IBM Security X-Force said Wednesday in its cloud threat landscape report.


High-profile CVEs turn up in vulnerability exploit sales

The dark web marketplaces dedicated to the trade of credentials and vulnerabilities boast some big names in enterprise compromises, Flashpoint research released Tuesday shows. Three reported purchases of vulnerability exploits on the dark web during the first half of the year included high-profile, actively exploited CVEs, according to the threat intelligence firm.

Malware

A Bard's Tale - how fake AI bots try to install malware

Today, while I was browsing through my Facebook feed, I came across an ad by "Google Bard AI", suggesting to download and try out the latest version of Google's legitimate AI tool "Bard". My first "huh?" moment was that the shortened URL didn't include any Google reference but rather a link to rebrand.ly - a service with no obvious ties to Google and with offices in Dublin, Ireland. It seemed odd for an internet giant to be using the services of another provider and my suspicion was triggered.


Password-stealing Linux malware served for 3 years and no one noticed

A download site surreptitiously served Linux users malware that stole passwords and other sensitive information for more than three years until it finally went quiet, researchers said on Tuesday. The site, freedownloadmanager[.]org, offered a benign version of a Linux offering known as the Free Download Manager. Starting in 2020, the same domain at times redirected users to the domain deb.fdmpkg[.]org, which served a malicious version of the app.

Exploits/Vulnerabilities

How to snoop on passwords with this one weird trick

Some smart cookies at institutions in China and Singapore have devised a technique for reading keystrokes and pilfering passwords or passcodes from Wi-Fi-connected mobile devices on public networks, without any hardware hacking. The technique is made possible thanks to beamforming feedback information (BFI), which consists of data about wireless signal characteristics that turns out to be useful for ensuring a strong network connection and for applications like Wi-Fi sensing.


Microsoft Teams used to deliver DarkGate Loader malware

Researchers have found a new method by which cybercriminals are spreading the DarkGate Loader malware. Until now, DarkGate was typically distributed via phishing emails. The malspam campaign used stolen email threads to lure victims into clicking a hyperlink, which downloaded the malware. But Malwarebytes also found DarkGate reloaded via malvertising and SEO poisoning campaigns.

On This Date

  • ...in 1814, Francis Scott Key writes the poem "Defence of Fort McHenry", which would later be set to music as "The Star-Spangled Banner".
  • ...in 1925, jazz singer/songwriter Mel Torme, "The Velvet Fog", is born in Chicago, IL.
  • ...in 1939, 7-foot-tall actor Richard Kiel, best known as the metal-mouthed henchman "Jaws" from multiple James Bond films, is born in Detroit, MI.
  • ...in 1985, Nintendo releases Super Mario Bros. for the Nintendo Entertainment System.