IT Security Newsletter

IT Security Newsletter - 9/20/2021

Written by Cadre | Mon, Sep 20, 2021

Epik data breach impacts 15 million users, including non-customers

Epik has now confirmed that an "unauthorized intrusion" did in fact occur into its systems. The announcement follows last week's incident of hacktivist collective Anonymous leaking 180 GB of data stolen from online service provider Epik. To mock the company's initial response to the data breach claims, Anonymous had altered Epik's official knowledge base, as reported by Ars. READ MORE...

Cyberattack on Alaska Health Department Linked to State-Sponsored Hackers

The Alaska health department has shared more information about the cyberattack detected earlier this year, and the organization says the attack was conducted by state-sponsored hackers. The first signs of a possible cyber breach were detected on May 2 by a "security monitoring firm" that reported its findings to the State Security Office, which in turn notified the Alaska Department of Health and Social Services (DHSS) on May 5. READ MORE...

Europol links Italian Mafia to million-dollar phishing scheme

In collaboration with Europol and Eurojust, European law enforcement dismantled an extensive network of cybercriminals linked to the Italian Mafia that was able to defraud their victims of roughly $11.7 million last year alone. "The Spanish National Police, supported by the Italian National Police, Europol and Eurojust, dismantled an organised crime group linked to the Italian Mafia involved in online fraud, money laundering, drug trafficking and property crime," the Europol said today. READ MORE...

Republican Governors Association email server breached by state hackers

The Republican Governors Association (RGA) revealed in data breach notification letters sent last week that its servers were breached during an extensive Microsoft Exchange hacking campaign that hit organizations worldwide in March 2021. Following an investigation started after March 10, "RGA determined that the threat actors accessed a small portion of RGA's email environment between February 2021 and March 2021, and that personal information may have been accessible to the threat actor(s) as a result." READ MORE...

Attackers Use Linux Binaries as Loaders for Windows Malware

Using Microsoft's Windows Subsystem for Linux (WSL), attackers have leveraged Linux binaries to load payloads into Windows processes, according to researchers with Black Lotus Labs, the threat intelligence unit of tech company Lumen. As part of the observed attacks, Linux ELF (Executable and Linkable Format) binaries were employed to inject payloads into running processes using Windows API calls. The ELF binaries were written in Python and converted for the Debian platform using PyInstaller. READ MORE...

Payment API Vulnerabilities Exposed "Millions" of Users

Millions of consumers may have exposed their personal and payment information after researchers discovered API security vulnerabilities affecting multiple apps. CloudSEK said that of the 13,000 apps uploaded to its BeVigil "security search engine" for mobile applications, around 250 use the Razorpay API to facilitate financial transactions. Unfortunately, it found that approximately 5% of these exposed their payment integration key ID and key secret. READ MORE...

AMD Chipset Driver Vulnerability Can Allow Hackers to Obtain Sensitive Data

Chipmaker AMD has patched a driver vulnerability that could allow an attacker to obtain sensitive information from the targeted system. The flaw, tracked as ??CVE-2021-26333 and classified by AMD as medium severity, affects the company's Platform Security Processor (PSP) chipset driver, which is used by several graphics cards and processors. AMD has advised users to update the PSP driver to version 5.17.0.0 through Windows Update or update the Chipset Driver to version 3.08.17.735. READ MORE...

  • ...in 1842, Scottish chemist and physicist James Dewar, inventor of the vacuum flask, is born in Kincardine, Scotland.
  • ...in 1941, sculptor Dale Chihuly, known for his flowing, large-scale glassworks, is born in Tacoma, WA.
  • ...in 1946, the first Cannes Film Festival is held in France, after having been delayed for seven years due to WWII.
  • ...in 1973, Billie Jean King defeats Bobby Riggs in their Battle of the Sexes tennis match in Houston, TX.