IT Security Newsletter

IT Security Newsletter - 9/16/2024

Written by Cadre | Mon, Sep 16, 2024

Data Stolen in Ransomware Attack That Hit Seattle Airport

The Port of Seattle, which operates the Seattle-Tacoma International Airport (SEA Airport), has confirmed that ransomware was used in an August cyberattack that caused days-long outages. The incident was disclosed on August 24, when the Port announced on X (formerly Twitter) that various services were down after critical systems were isolated in response to a cyberattack. READ MORE...

23andMe to pay $30 million in settlement over 2023 data breach

Genetic testing company 23andMe will pay $30 million to settle a class action lawsuit over a 2023 data breach which ended in some customers having information like names, birth years, and ancestry information exposed. In October 2023, we reported on how information belonging to as many as seven million 23andMe customers turned up for sale on criminal forums following a credential stuffing attack against 23andMe. READ MORE...

D-Link fixes critical RCE, hardcoded password flaws in WiFi 6 routers

D-Link has fixed critical vulnerabilities in three popular wireless router models that allow remote attackers to execute arbitrary code or access the devices using hardcoded credentials. The impacted models are popular in the consumer networking market, especially among users looking for high-end WiFi 6 routers (DIR-X) and mesh networking systems (COVR). The bulletin lists five vulnerabilities, three of which are rated critical. READ MORE...

NFL Teams Block & Tackle Cyberattacks in a Digital World

This past weekend, the National Football League kicked off its 2024 season, and while the sport itself has remained the same, mainly - hello, new kicking rules - the technological operations around games and players is constantly evolving, and face increasing cyber threats. While all companies have a mix of digital and physical assets, sports teams have a unique cocktail of critical assets, especially as data has become increasingly the lifeblood of sports franchises in the NFL. READ MORE...

FBI, CISA Warn of Fake Voter Data Hacking Claims

Hackers are making available the information of US voters in an attempt to undermine confidence in the security of election infrastructure, but the claims made by these hackers are false, according to the FBI and CISA. In a joint public service announcement published last week, the agencies pointed out that most US voter information can be purchased or legitimately acquired, but threat actors continue to make statements suggesting evidence of election infrastructure compromise. READ MORE...

Windows vulnerability abused braille "spaces" in zero-day attacks

A recently fixed "Windows MSHTML spoofing vulnerability" tracked under CVE-2024-43461 is now marked as previously exploited after it was used in attacks by the Void Banshee APT hacking group. When first disclosed as part of the September 2024 Patch Tuesday, Microsoft had not marked the vulnerability as previously exploited. However, on Friday, Microsoft updated the CVE-2024-43461 advisory to indicate it had been exploited in attacks before it was fixed. READ MORE...

  • ...in 1620, the Mayflower sails from Plymouth, England, bound for the New World with 102 passengers.
  • ...in 1908, William C. Durant founds the General Motors Corporation.
  • ...in 1949, Warner. Bros. introduces the Road Runner in the cartoon short "Fast and Furry-ous."
  • ...in 1966, the Metropolitan Opera House opens at Lincoln Center in New York City.