<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 9/19/2022

SHARE

Breaches

Uber was breached to its core, purportedly by an 18-year-old. Here's what's known

Uber employees on Thursday discovered that huge swaths of their internal network had been accessed by someone who announced the feat on the company Slack channel. The intruder, who sent screenshots documenting the breach to The New York Times and security researchers, claimed to be 18 years old and was unusually forthcoming about how it occurred and just how far it reached, according to the news outlet, which broke the story. READ MORE...


New York ambulance service discloses data breach after ransomware attack

Empress EMS (Emergency Medical Services), a New York-based emergency response and ambulance service provider, has disclosed a data breach that exposed customer information. According to the notification, the company suffered a ransomware attack on July 14, 2022. An investigation into the incident revealed that the intruder had gained access to Empress EMS' systems on May 26, 2022. About a month and a half later, on July 13, the hackers exfiltrated "a small subset of files," a day before deploying the encryption. READ MORE...

Hacking

Starbucks Singapore warns customers after hacker steals data, offers it for sale on underground forum

200,000 customers of Starbucks in Singapore have had their personal details put up for sale online, after a security incident at the coffee chain. Starbucks discovered that a breach had occurred after a member of an underground hacking forum made what appears to be the Starbucks Singapore database available for sale, including user IDs, dates of birth, names, phone numbers, email addresses, and more. READ MORE...

Malware

Emotet botnet now pushes Quantum and BlackCat ransomware

While monitoring the Emotet botnet's current activity, security researchers found that the Quantum and BlackCat ransomware gangs are now using the malware to deploy their payloads. This is an interesting development given that the Conti cybercrime syndicate was the one that previously used the botnet before shutting down in June. The Conti group was the one who orchestrated its comeback in November after an international law enforcement action took down Emotet's infrastructure at the beginning of 2021. READ MORE...

Information Security

LastPass says it contained August breach, leaving customer data and vaults secure

LastPass said the threat actor that breached its systems in August accessed its development environment for four days, according to an updated blog post released Thursday by CEO Karim Toubba. LastPass completed an investigation and forensic review with incident response firm Mandiant. LastPass said its security team detected the threat actor inside its systems during the four-day period and was able to contain the activity. READ MORE...


Can reflections in eyeglasses actually leak info from Zoom calls? Here's a study into it

Boffins at the University of Michigan in the US and Zhejiang University in China want to highlight how bespectacled video conferencing participants are inadvertently revealing sensitive on-screen information via reflections in their eyeglasses. With the COVID-19 pandemic and the rise in remote work, video conferencing has become commonplace. The researchers argue the ensuing privacy and security issues deserve further attention, and they've been casting an eye on this unusual attack vector. READ MORE...

Exploits/Vulnerabilities

Google, Microsoft can get your passwords via web browser's spellcheck

Extended spellcheck features in Google Chrome and Microsoft Edge web browsers transmit form data, including personally identifiable information (PII) and in some cases, passwords, to Google and Microsoft respectively. While this may be a known and intended feature of these web browsers, it does raise concerns about what happens to the data after transmission and how safe the practice might be, particularly when it comes to password fields. READ MORE...


Game Acceleration Module Vulnerability Exposes Netgear Routers to Attacks

Multiple Netgear router models are vulnerable to arbitrary code execution via FunJSQ, a third-party module for online game acceleration, European security and compliance assessment company Onekey warns. Integrated in various Netgear routers and Orbi WiFi systems, the gaming optimization module is developed by China-based Xiamen Xunwang Network Technology. READ MORE...

On This Date

  • ...in 1928, actor Adam West, TV's original Batman, is born in Walla Walla, WA.
  • ...in 1970, The Mary Tyler Moore Show premieres on CBS. It is one of the first TV programs to focus on an independent career woman as a main character.
  • ...in 1985, musician Frank Zappa testifies before the U.S. Senate in protest of the PMRC's call for the labeling of explicit content on album covers.
  • ...in 1995, the first International Talk Like a Pirate Day is celebrated by the holiday's founders, John Baur and Mark Summers.