IT Security Newsletter - 9/26/2022
Ukraine dismantles hacker gang that stole 30 million accounts
The cyber department of Ukraine's Security Service (SSU) has taken down a group of hackers that stole accounts of about 30 million individuals and sold them on the dark web. The hackers used malware to obtain credentials and other sensitive data available on victim systems in Ukraine and the European Union. The SSU says that the threat actor offered data packs, which were purchased in bulk by pro-Kremlin propagandists.
Teen hacking suspect charged with computer misuse and breach of bail conditions
British police have charged the 17-year-old youth they arrested last week in Oxfordshire. As I noted at the time, the arrest was widely rumoured to be connected to an investigation into the LAPSUS$ hacking gang, which has hacked the likes of Microsoft, Ubisoft, NVIDIA, Samsung, and Okta. Most recently, LAPSUS$ has been tied to data breaches at Uber, 2K and Grand Theft Auto maker Rockstar Games.
Microsoft SQL servers hacked in TargetCompany ransomware attacks
Vulnerable Microsoft SQL servers are being targeted in a new wave of attacks with FARGO ransomware, security researchers are warning. MS-SQL servers are database management systems holding data for internet services and apps. Disrupting them can cause severe business trouble. BleepingComputer reported similar attacks in February, dropping Cobalt Strike beacons, and in July when threat actors hijacked vulnerable MS-SQL servers to steal bandwidth for proxy services.
Microsoft Dismantles Spam Campaign Abusing OAuth Applications
Microsoft says it has dismantled a malicious campaign relying on a network of single-tenant OAuth applications for the distribution of spam messages. Over the past few years, Microsoft has observed an increase in the malicious use of OAuth applications, especially for consent phishing, a type of attack where the user is tricked into allowing the malicious OAuth apps to access their cloud services.
"Fake crypto millionaire" charged with alleged $1.7M cryptomining scam
A self-proclaimed cryptocurrency millionaire has been charged with multiple felonies for his alleged role in a scam that purported to sell a high-powered cryptomining machine called the "Bitex Blockbuster" that did not actually exist. James Wolfgramm (also known as Semisi Niu or James Vaka Niu) of Spanish Fork, Utah, has been charged by a federal grand jury with wire fraud and money laundering.
Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S.
A 36-year-old Russian man recently identified by KrebsOnSecurity as the likely proprietor of the massive RSOCKS botnet has been arrested in Bulgaria at the request of U.S. authorities. At a court hearing in Bulgaria this month, the accused hacker requested and was granted extradition to the United States, reportedly telling the judge, "America is looking for me because I have enormous information and they need it."
Hacktivist Attacks Show Ease of Hacking Industrial Control Systems
Hacktivists might not know a lot about industrial control systems (ICS), but they're well aware of the potential implications of these devices getting compromised. That is why some groups have been targeting these systems - which are often unprotected and easy to hack - to draw attention to their cause. Industrial cybersecurity firm Otorio reported in early September that a pro-Palestine hacktivist group named GhostSec had claimed that it 'hacked' 55 Berghof programmable logic controllers (PLCs) located in Israel.
- ...in 1774, legendary conservationist and missionary John Chapman, aka "Johnny Appleseed", was born in Leominster, MA.
- ...in 1960, the first-ever televised presidential debate takes place between candidates Richard M. Nixon and John F. Kennedy.
- ...in 1966, the first Chevrolet Camaro appeared.
- ...in 1969, the last studio album by the Beatles, "Abbey Road", is released.