<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter

Get the latest headlines, summaries, and security news!

IT Security Newsletter - 9/16/2022

Top News

Uber hacked, internal systems breached and vulnerability reports stolen

Uber suffered a cyberattack Thursday afternoon with a hacker gaining access to vulnerability reports and sharing screenshots of the company's internal systems, email dashboard, and Slack server. The screenshots shared by the hacker and seen by BleepingComputer show what appears to be full access to many critical Uber IT systems, including the company's security software and Windows domain. READ MORE...


Eastern European org hit by second record-smashing DDoS attack

Akamai says it has absorbed the largest-ever publicly known distributed denial of service (DDoS) attack - an assault against an unfortunate Eastern European organization that went beyond 700 million packets per second. This latest tsunami of traffic hit on Monday, according to the web infrastructure biz, and we're told the cybercriminals responsible for the earlier record-setting DDoS flood in July were behind this latest one, too. READ MORE...

Malware

Trojanized versions of PuTTY utility being used to spread backdoor

Researchers believe hackers with connections to the North Korean government have been pushing a Trojanized version of the PuTTY networking utility in an attempt to backdoor the network of organizations they want to spy on. Researchers from security firm Mandiant said on Thursday that at least one customer it serves had an employee who installed the fake network utility by accident. READ MORE...


Russian hackers use new info stealer malware against Ukrainian orgs

Russian hackers have been targeting Ukrainian entities with previously unseen info-stealing malware during a new espionage campaign that is still active. Security researchers at Cisco Talos attribute the campaign to Gamaredon, a Russian state-backed threat group with a long history of targeting mainly organizations in the Ukrainian government, critical infrastructure, defense, security, and law enforcement. READ MORE...

Information Security

Unflagging Iranian Threat Activity Spurs Warnings, Indictments From US Government

Iranian threat actors have been on the radar and in the crosshairs of the US government and security researchers alike this month with what appears to be a ramp-up in and subsequent crackdown on threat activity from advanced persistent threat (APT) groups associated with the Iran's Islamic Revolutionary Guard Corps (IRGC). The US government on Wednesday simultaneously revealed an elaborate hacking scheme by and indictments against several Iranian nationals thanks to recently unsealed court documents. READ MORE...

Exploits/Vulnerabilities

School app Seesaw compromised to send shock NSFW images

On Wednesday, parents and teachers reported that student learning platform, Seesaw, had been hacked after some users received an infamous explicit photo on private chats. Schools from districts in Colorado, Illinois, Kansas, Michigan, New York, Oklahoma, South Dakota, and Texas all experienced similar issues, and began to send out warnings. San Francisco-based Seesaw, which prides itself on having more than 10 million users, declined to comment on how many were affected. READ MORE...

On This Date

  • ...in 1620, the Mayflower sails from Plymouth, England, bound for the New World with 102 passengers.
  • ...in 1908, William C. Durant founds the General Motors Corporation.
  • ...in 1949, Warner. Bros. introduces the Road Runner in the cartoon short "Fast and Furry-ous."
  • ...in 1966, the Metropolitan Opera House opens at Lincoln Center in New York City.