<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 9/21/2022

SHARE

Hacking

Imperva mitigated long-lasting, 25.3 billion request DDoS attack

Internet security company Imperva has announced its DDoS (distributed denial of service) mitigation solution has broken a new record, defending against a single attack that sent over 25.3 billion requests to one of its customers. The target was a Chinese telecommunications service provider often at the receiving end of DDoS attacks with unusually large volumes. The DDoS attack unfolded on June 27, 2022, peaking at 3.9 million requests per second (RPS) and averaging 1.8 million RPS. READ MORE...


2K game support hacked to email RedLine info-stealing malware

Hackers have compromised the support system of American video game publisher 2K and now are sending support tickets to gamers containing the RedLine password-stealing malware. 2K is the publisher behind numerous popular game franchises, including NBA 2K, Borderlands, WWE 2K, PGA Tour 2K, Bioshock, Civilization, and Xcom. Starting today, 2K customers began receiving emails stating that they opened support tickets on 2ksupport[.]zendesk[.]com, 2K's online support ticketing system. READ MORE...

Malware

ChromeLoader Malware Evolves into Prevalent, More Dangerous Cyber Threat

Security researchers are sounding the alarm on the malware tool dubbed ChromeLoader. It first surfaced in January as a consumer-focused, browser-hijacking credential stealer but has now evolved into a widely prevalent and multifaceted threat to organizations across multiple industries. In an advisory released Sept. 19, researchers from VMware's Carbon Black managed detection and response team said they have recently observed the malware being used to also drop ransomware nad other threats. READ MORE...

Information Security

Deepfake audio has a tell and researchers can spot it

Imagine the following scenario. A phone rings. An office worker answers it and hears his boss, in a panic, tell him that she forgot to transfer money to the new contractor before she left for the day and needs him to do it. She gives him the wire transfer information, and with the money transferred, the crisis has been averted. The worker sits back in his chair, takes a deep breath, and watches as his boss walks in the door. The voice on the other end of the call was not his boss. In fact, it wasn't even a human. READ MORE...

Exploits/Vulnerabilities

Energy bill rebate scams spread via SMS and email

The UK's National Cyber Security Centre (NCSC) has warned that fraudsters are sending out emails and SMS texts urging homeowners to sign up for a discount on their energy bills. Amid a cost-of-living crisis, the British government announced that eligible UK households will receive a grant which will reduce energy bills by £400, starting in October 2022. Predictably, scammers are taking advantage of the situation in order to dupe the unwary. READ MORE...


iBoot Power Distribution Unit Flaws Allow Hackers to Remotely Shut Down Devices

Critical vulnerabilities discovered by researchers in Dataprobe's iBoot power distribution unit (PDU) can allow malicious actors to remotely hack the product and shut down connected devices, potentially causing disruption within the targeted organization. The vulnerabilities affecting the iBoot-PDU product were identified by researchers at industrial cybersecurity firm Claroty, who found a total of seven issues, including ones allowing a remote, unauthenticated attacker to execute arbitrary code. READ MORE...

On This Date

  • ...in 1866, English science fiction author H.G. Wells, ("The Time Machine", "War of the Worlds") is born in Kent, England.
  • ...in 1937, J.R.R. Tolkien's fantasy novel "The Hobbit, or There and Back Again", is published.
  • ...in 1942, the B-29 Superfortress, one of the largest aircraft operational during WWII, makes its maiden flight.
  • ...in 1981, Sandra Day O'Connor is unanimously confirmed as the first female Supreme Court justice.