
IT Security Newsletter - 9/17/2024


Hacking

Ukraine, Gaza Wars Inspire DDoS Surge Against Finservs

Financial services organizations have faced nearly twice as many distributed denial of service (DDoS) attacks this year as any other industry, thanks in part to a rise in hacktivism. According to a new report from Akamai, between Jan. 1 and June 30, there were nearly 3,000 Layer 3 and 4 DDoS attack events in the financial services sector (Layer 3 and 4 attacks occur at the network and transport layers of Internet communication).


Ticketmaster boss who repeatedly hacked rival firm sentenced

A former boss of Ticketmaster has been sentenced after pleading guilty to illegally accessing computer servers of a rival company and stealing sensitive business information. In 2012, Stephen Mead left ticket company CrowdSurge, signing a $52,970 separation agreement promising not to keep or disclose confidential information from his former employer, such as client lists, passwords, marketing strategies, and financial data.

Malware

Port of Seattle officials pin attack, data theft to Rhysida ransomware group

A ransomware attack initiated by the Rhysida ransomware group was responsible for widespread and sustained outages spanning multiple systems at the Port of Seattle, authorities said in a Friday update. Authorities for the Port of Seattle, which operates the Seattle-Tacoma International Airport and one of the busiest ports in the U.S., described the nature of the security incident three weeks after the government agency initially discovered the attack.

Exploits/Vulnerabilities

Over 1,000 ServiceNow instances found leaking corporate KB data

Over 1,000 misconfigured ServiceNow enterprise instances were found exposing Knowledge Base (KB) articles that contained sensitive corporate information to external users and potential threat actors. The exposed information includes personally identifiable information (PII), internal system details, user credentials, access tokens for live production systems, and other essential information depending on the Knowledge Base topic.


Ivanti Cloud Bug Goes Under Exploit After Alarms Are Raised

Just days after Ivanti released an advisory regarding a high-severity vulnerability in its Cloud Service Appliance (CSA), the company is alerting customers that the flaw is now being exploited in the wild. Ivanti initially disclosed the vulnerability, tracked as CVE-2024-8190, on Sept. 10, warning customers that it could allow unauthorized access to their devices. The vulnerability has a CVSS score of 7.2 out of 10, and an attacker must have administrator-level privileges in order to exploit it.


Secure Boot-neutering PKfail debacle is more prevalent than anyone knew

A supply chain failure that compromises Secure Boot protections on computing devices from across the device-making industry extends to a much larger number of models than previously known, including those used in ATMs, point-of-sale terminals, and voting machines. The debacle was the result of non-production test platform keys used in hundreds of device models for more than a decade. These cryptographic keys form the root-of-trust anchor between the hardware and firmware.

On This Date

  • ...in 1787, the United States Constitution is signed in Philadelphia, Pennsylvania.
  • ...in 1920, the National Football League is organized in Canton, Ohio.
  • ...in 1976, NASA unveils the first space shuttle, Enterprise. It never went to space, but was used for atmospheric test flights.
  • ...in 1991, software engineer Linus Torvalds releases the first version of the Linux kernel to the Internet.