<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter

Get the latest headlines, summaries, and security news!

IT Security Newsletter - 9/27/2021

Top News

EU officially blames Russia for 'Ghostwriter' hacking activities

The European Union has officially linked Russia to a hacking operation known as Ghostwriter that targets high-profile EU officials, journalists, and the general public. "These malicious cyber activities are targeting numerous members of Parliaments, government officials, politicians, and members of the press and civil society in the EU by accessing computer systems and personal accounts and stealing data," European Council officials said in a press release today. READ MORE...

Trends

Malwarebytes research shows an unequal, unsafe Internet

If the Internet was as safe and as private as it is essential for everyday life-increasingly required for job applications, bank transfers, doctor's appointments, and filing taxes-then we'd likely have fewer online scams, better privacy protections, smaller data breaches, and a lower overall risk of individual cybercrimes that can wreak havoc on a person's life. Importantly, if the Internet were to achieve such a promise, then everyone could feel as safe and as private online as they deserve. READ MORE...

Software Updates

Cisco patches three critical holes in IOS XE software

Cisco has patched three critical security holes in its IOS XE software that's used across a variety of its core routers and switches. The three critical warnings are part of a big release of 32 security alerts, many of which are IOS XE-related, including firewall, SD-WAN and wireless access vulnerabilities. Of the critical patches, the worst is a weakness in the Cisco IOS XE Software for Cisco Catalyst 9000 Family Wireless Controllers. READ MORE...

Malware

TangleBot Campaign Underscores SMS Threat

A malware campaign targeting Android devices in the United States and Canada with convincing text messages and links that lead to a downloader has highlighted the danger from SMS spam and phishing, security experts report. The campaign, dubbed TangleBot, uses coronavirus-themed messages to convince users to click a link, which leads to websites that attempt to collect sensitive information from the victim, according to researchers from email and messaging security firm Cloudmark. READ MORE...

Exploits/Vulnerabilities

Exchange/Outlook Autodiscover Bug Spills $100K+ Email Passwords

Guardicore security researcher Amit Serper has discovered a severe design bug in MIcrosoft Exchange's autodiscover - a protocol that lets users easily configure applications such as Microsoft Outlook with just email addresses and passwords. The flaw has caused the Autodiscover service to leak nearly 100,000 unique login names and passwords for Windows domains worldwide, Serper said in a technical report released this week. READ MORE...

On This Date

  • ...in 1822, French academic Jean-Francois Champollion announces that he has successfully deciphered the Rosetta Stone.
  • ...in 1954, the late-night TV program "Tonight with Steve Allen", which would later become "The Tonight Show", debuts on NBC.
  • ...in 1962, biologist Rachel Carson's environmental science book "Silent Spring" is published.
  • ...in 2003, the SMART-1 lunar satellite is launched by the European Space Agency.