<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 9/23/2024

SHARE

Breaches

Dell investigates data breach claims after hacker leaks employee info

Dell has confirmed to BleepingComputer that they are investigating recent claims that it suffered a data breach after a threat actor leaked the data for over 10,000 employees. The allegations were published yesterday by a threat actor named "grep," who alleges that the computing vendor suffered a "minor data breach" in September 2024, exposing internal employee and partner information. READ MORE...


Disney ditching Slack after massive July data breach

The Walt Disney Company is reportedly ditching Slack after a July data breach exposed over 1TB of confidential messages and files posted to the company's internal communication channels. According to CNBC, Disney has already begun migrating to new "streamlined enterprise-wide collaboration tools" and emailed employees this week to say that they will finish the migration at the end of the company's next fiscal quarter. READ MORE...

Hacking

China's 'Earth Baxia' Spies Exploit Geoserver to Target APAC Orgs

A China-linked cyber-espionage group has attacked Taiwanese government agencies, the Philippine and Japanese military, and energy companies in Vietnam, installing either the Cobalt Strike client or a custom backdoor known as EagleDoor on compromised machines. Dubbed Earth Baxia by cybersecurity firm Trend Micro, the group primarily uses spear-phishing to compromise victims, but it has also exploited a vulnerability in the open source GeoServer software used to distribute geospatial data. READ MORE...


Hacker behind Snowflake customer data breaches remains active

The hacker behind the bulk of the Snowflake customer data theft earlier this year remains active as of this week, a researcher tracking the suspect said Friday. The hacker - known primarily "Judische," but who also used other names online, including "Waifu" - continues to target software-as-a-service providers and other entities "as recently as today," Austin Larsen, a senior threat analyst with Mandiant, said during a presentation at SentinelOne's LABScon security conference. READ MORE...

Software Updates

ESET Patches Privilege Escalation Vulnerabilities in Windows, macOS Products

ESET on Friday announced patches for two local privilege escalation vulnerabilities affecting multiple Windows and macOS products. The Windows products, the company warns in an advisory, were found vulnerable to CVE-2024-7400, a high-severity bug affecting the file operations handling during the removal of a detected file. An attacker with low privileges on a system running an affected ESET product could exploit the flaw to delete arbitrary files and escalate privileges. READ MORE...

Malware

Move over, Cobalt Strike. Splinter's the new post-exploit menace in town

Attackers are using Splinter, a new post-exploitation tool, to wreak havoc in victims' IT environments after initial infiltration, utilizing capabilities such as executing Windows commands, stealing files, collecting cloud service account info, and downloading additional malware onto victims' systems. Then the malicious code self-deletes, according to Palo Alto Networks' Unit 42 threat hunters, which spotted the new penetration testing tool hiding in several of its customers' systems. READ MORE...

Information Security

"Simply staggering" surveillance conducted by social media and streaming services, FTC finds

The US Federal Trade Commission (FTC) released a report that examines the data collection and use practices of major social media and video streaming services, finding that-and this will not come as a surprise to our regular readers-the companies engaged in vast surveillance of consumers in order to monetize their personal information while failing to adequately protect users online, especially children and teens. READ MORE...

Exploits/Vulnerabilities

CERT/CC Warns of Unpatched Critical Vulnerability in Microchip ASF

The CERT Coordination Center (CERT/CC) at Carnegie Mellon University has published an advisory for a critical flaw affecting Microchip's Advanced Software Framework (ASF). Microchip ASF is a free and open source code library for the company's microcontrollers. The US-based semiconductor supplier says the product is meant for the evaluation, prototyping, design and production phases. READ MORE...

On This Date

  • ...in 1846, German astronomer Johann Gottfried Galle discovers the planet Neptune at the Berlin Observatory.
  • ...in 1889, Nintendo is founded in Kyoto, Japan. The company's original business was the manufacture and sale of handmade playing cards.
  • ...in 1930, musician and popular music trailblazer Ray Charles ("I've Got A Woman", "What'd I Say") is born in Albany, GA.
  • ...in 2002, the first public version of the Mozilla Firefox web browser is released.