<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter

Get the latest headlines, summaries, and security news!

IT Security Newsletter - 9/23/2021

Top News

Crystal Valley Farm Coop Hit with Ransomware

Crystal Valley, a Minnesota-based farm supply and grain marketing cooperative, has become the second U.S. agriculture business to be hit with a ransomware attack this week. The company released a statement about the attack on its website on Tuesday afternoon, but as of Wednesday afternoon, the site had been knocked offline and was still down. Crystal Valley confirmed in a Facebook post that it had been alerted to the attack on Sunday afternoon, Sept. 19. READ MORE...

Breaches

Attacks on Russian Government Orgs Exploit Recent Microsoft Office Zero-Day

Threat actors have targeted Russian government organizations with malicious documents designed to exploit the recently patched MSHTML zero-day flaw in Microsoft Office, security researchers with Malwarebytes reveal. Exploits for the MSHTML vulnerability were employed in attacks on at least two organizations in Russia, namely the Joint Stock Company State Rocket Center (JSC GREC Makeyev) and the Ministry of the Interior in Moscow. READ MORE...

Hacking

Large-Scale Phishing-as-a-Service Operation Exposed

Microsoft uncovered a large-scale, well-organization and sophisticated phishing-as-a-service (PhaaS) operation. The turnkey platform allows users to customize campaigns and develop their own phishing ploys so they can then use the PhaaS platform to help with phishing kits, email templates and hosting services needed to launch attacks. Microsoft researchers discovered the operation, marketed by criminals as BulletProofLink, when they found a high volume of newly created and unique subdomains. READ MORE...


Researchers finger new APT group, FamousSparrow, for hotel attacks

Researchers at security specialist ESET claim to have found a shiny new advanced persistent threat (APT) group dubbed FamousSparrow - after discovering its custom backdoor, SparrowDoor, on hotels and government systems around the world. "FamousSparrow is currently the only user of a custom backdoor that we discovered in the investigation and called SparrowDoor," ESET researcher and co-author of the report Tahseen Bin Taj explained. READ MORE...

Information Security

FBI, CISA, and NSA warn of escalating Conti ransomware attacks

CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) warned today of an increased number of Conti ransomware attacks targeting US organizations. The three US federal agencies urge enterprise IT admins to review their organizations' network security posture and implement the immediate actions outlined in the joint advisory to defend against Conti ransomware. READ MORE...

On This Date

  • ...in 1846, German astronomer Johann Gottfried Galle discovers the planet Neptune at the Berlin Observatory.
  • ...in 1889, Nintendo is founded in Kyoto, Japan. The company's original business was the manufacture and sale of handmade playing cards.
  • ...in 1930, musician and popular music trailblazer Ray Charles ("I've Got A Woman", "What'd I Say") is born in Albany, GA.
  • ...in 2002, the first public version of the Mozilla Firefox web browser is released.