IT Security Newsletter - 9/20/2022
American Airlines discloses data breach after employee email compromise
American Airlines has notified customers of a recent data breach after attackers compromised an undisclosed number of employee email accounts and gained access to sensitive personal information. In notification letters sent on Friday, September 16th, the airline explained that it has no evidence that the exposed data was misused. American Airlines discovered the breach on July 5th, immediately secured the impacted email accounts, and hired a cybersecurity forensic firm to investigate the security incident. READ MORE...
Rockstar confirms Grand Theft Auto VI leak came from "network intrusion"
Rockstar confirmed Monday morning that it has suffered a "network intrusion" where "confidential information... including early development footage for the next Grand Theft Auto" was illegally obtained by a third party. The admission seemingly confirms the veracity of a host of leaked Grand Theft Auto VI videos that hit the Internet over the weekend. The leaked footage was first linked on fansite GTAForums Sunday morning before spreading across the Internet. READ MORE...
Revolut data breach: 50,000+ users affected
Revolut, the fintech company behing the popular banking app of the same name, has suffered a data breach, which has been followed by phishing attacks aimed at taking advantage of the situation. Revolut customers began noticing something was wrong on September 11, when some of them reported receiving "inappropriate wording via chat." A few days later, some users received an alert via email saying their account was affected following a cyberattack. READ MORE...
MFA Fatigue: Hackers' new favorite tactic in high-profile breaches
Hackers are more frequently using social engineering attacks to gain access to corporate credentials and breach large networks. One component of these attacks that is becoming more popular with the rise of multi-factor authentication is a technique called MFA Fatigue. When breaching corporate networks, hackers commonly use stolen employee login credentials to access VPNs and the internal network. READ MORE...
Hacking group focused on Central America dumps 10 gigabytes of military emails, files
A hacking group that has primarily focused on Central American targets released on Monday roughly 10 gigabytes of emails and other materials from military and police agencies in Chile, Mexico, El Salvador, Colombia and Peru. The data dump is the latest release from the group that has focused on infiltrating mining and oil companies, police and several Latin American regulatory agencies since March 2022. READ MORE...
Been hit by LockerGoga ransomware? A free fix is now out
If you've been hit by the LockerGoga ransomware, an international law enforcement effort has publicly released a tool to fix the problem. LockerGoga is the Windows software nasty behind the 2019 infection at Norsk Hydro that shut down the Norwegian power and metals giant's global network for a week and cost the company over $100m, not to mention the knock-on effects further down the supply chain. READ MORE...
GPT-3 'prompt injection' attack causes bad bot manners
OpenAI's popular natural language model GPT-3 has a problem: It can be tricked into behaving badly by doing little more than telling it to ignore its previous orders. Discovered by Copy.ai data scientist Riley Goodside, the trick involves giving GPT-3 a request, telling it to ignore that request, and instead do whatever the asker tells it instead. In Goodside's case, she told GPT-3 to translate a sentence from French to English, but to ignore what she told it to translate. READ MORE...
- ...in 1842, Scottish chemist and physicist James Dewar, inventor of the vacuum flask, was born in Kincardine, Scotland.
- ...in 1941, sculptor Dale Chihuly, known for his flowing, large-scale glassworks, was born in Tacoma, WA.
- ...in 1946, the first Cannes Film Festival is held in France, after having been delayed for seven years due to WWII.
- ...in 1973, Billie Jean King defeats Bobby Riggs in their Battle of the Sexes tennis match in Houston, TX.