IT Security Newsletter - 9/25/2024
Third Recent Ivanti Vulnerability Exploited in the Wild
A vulnerability affecting Ivanti's Virtual Traffic Manager application delivery controller is being exploited in the wild. This is the third flaw for which Ivanti customers have received such a warning within the past two weeks. The latest is CVE-2024-7593, a critical Virtual Traffic Manager (vTM) authentication bypass vulnerability that allows a remote, unauthenticated attacker to create an administrator account.
MoneyGram Goes Offline After Vague Cyber Woes
MoneyGram's systems and payment services are down due to a "cybersecurity issue," with no clear timeline as to when it will be back up and running once more. The money-wiring service's in-person and online payment systems have been down since Friday, Sept. 20. The next day, MoneyGram posted on social media platform X, noting that it was experiencing a network outage that was affecting connectivity to its systems.
Kansas Water Plant Pivots to Analog After Cyber Event
The water treatment facility for a small city in Kansas experienced a "cybersecurity incident" on the morning of Sept. 22. Arkansas City - population 12,000, a two-hour drive north of Oklahoma City - sits at the junction of the Walnut and Arkansas Rivers, the latter of which supplies the town's drinking water. A notice from the city's Environmental Services Administration revealed that on Sept. 22, its treatment facility experienced a "cybersecurity incident."
U.S. govt agency CMS says data breach impacted 3.1 million people
The Centers for Medicare & Medicaid Services (CMS) federal agency announced earlier this month that health and personal information of more than three million health plan beneficiaries was exposed in the MOVEit attacks Cl0p ransomware conducted last year. The hackers stole the data after breaching the Wisconsin Physicians Service (WPS) health insurance corporation, which provided Medicare administrative services.
Hacker plants false memories in ChatGPT to steal user data in perpetuity
When security researcher Johann Rehberger recently reported a vulnerability in ChatGPT that allowed attackers to store false information and malicious instructions in a user's long-term memory settings, OpenAI summarily closed the inquiry, labeling the flaw a safety issue, not, technically speaking, a security concern. So Rehberger did what all good researchers do: He created a proof-of-concept exploit that used the vulnerability to exfiltrate all user input in perpetuity.
Russia's digital warfare on Ukraine shows no signs of slowing: Malware hits surge
Russia's use of malware to support its military efforts in Ukraine is showing no signs of waning while its tactics continually evolve to bypass protections. Ukraine's State Service of Special Communications and Information Protection (SSSCIP) published its half-year report on Russia's cyber activity in the war this week, noting a 90 percent increase in incidents involving malware infections.
AutoCanada says ransomware attack "may" impact employee data
AutoCanada is warning that employee data may have been exposed in an August cyberattack claimed by the Hunters International ransomware gang. Although the firm says it has detected no fraud campaigns targeting impacted individuals, it is sending notifications to alert affected people of potential risks. In mid-August, the car dealership company disclosed that it had to take specific internal IT systems offline to contain a cyberattack, leading to operational disruptions.
Warnings After New Valencia Ransomware Group Strikes Businesses and Leaks Data
A new ransomware operation has started to leak information it claims has been stolen from organisations it has compromised around the world. In recent days Valencia Ransomware has posted on its dark web leak site's so-called "Wall of shame" links to gigabytes of downloadable information that has seemingly been exfiltrated from a Californian municipality, a pharmaceutical firm, and a paper manufacturer.
Researcher Says Healthcare Facility's Doors Hackable for Over a Year
A researcher says a US healthcare facility has failed to address a serious vulnerability that has been making it possible for threat actors to hack the doors of one of its buildings for at least the past year. The healthcare organization, on the other hand, has denied the findings. The research was conducted by Shawn Merdinger, who in 2010, at the DEFCON conference, showed how S2 Security door access controllers used by hospitals, schools, and other entities could be hacked.
- ...in 1911, ground is broken in Boston, MA for Fenway Park.
- ...in 1930, writer and illustrator Shel Silverstein ("The Giving Tree", "Where the Sidewalk Ends") is born in Chicago, IL.
- ...in 1951, actor Mark Hamill, best known as Luke Skywalker in "Star Wars" (as well as the voice of the Joker on "Batman: The Animated Series"), is born in Oakland, CA.
- ...in 1956, TAT-1, the first transatlantic telephone cable system, is inaugurated, stretching between Scotland and Newfoundland.