IT Security Newsletter - 9/27/2022
Russia plans "massive cyberattacks" on critical infrastructure, Ukraine warns
The Ukrainian government on Monday warned that the Kremlin is planning to carry out "massive cyberattacks" targeting power grids and other critical infrastructure in Ukraine and in the territories of its allies. "By the cyberattacks, the enemy will try to increase the effect of missile strikes on electricity supply facilities, primarily in the eastern and southern regions of Ukraine," an advisory warned.
American Airlines phishing attack involved unauthorized access to Microsoft 365
Unauthorized access of American Airlines' Microsoft 365 environment identified July 5 was the result of a successful phishing email sent to an employee's account, lawyers for the airline disclosed in a letter to New Hampshire's Attorney General's office. An investigation by the American Cyber Security Response Team showed the unauthorized actor used the IMAP protocol to access employee mailboxes. The actor may have also previewed files on an employee SharePoint site.
Samsung Fails Consumers in Preventable Back-to-Back Data Breaches, According to Federal Lawsuit
Earlier this month, two Samsung users, Shelby Holtzclaw and Naeem Seirafi, fired a class action lawsuit at Samsung Electronics of America, accusing the company of unnecessarily collecting consumers' personal data and failing to safeguard it. Represented by powerhouse public interest firm, Clarkson Law Firm, the Plaintiffs further allege that Samsung failed to take appropriate protective measures leading to two back-to-back data breaches.
Hackers Leak French Hospital Patient Data in Ransom Fight
Hackers who crippled a French hospital and stole a trove of data last month have released personal records of patients online, officials have confirmed. The cyberattackers demanded a multimillion dollar ransom from the Corbeil-Essonnes hospital near Paris a month ago, but the institution refused to pay. The hospital said the hackers had now dumped medical scans and lab analyses along with the national security numbers of patients.
Fake Sites Siphon Millions of Dollars in 3-Year Scam
A subscription service scam has garnered millions of dollars in credit card charges by creating fake dating and adult sites, staffing them with live customer support, and using stolen credit card accounts to pay for "services." Endpoint security firm ReasonLabs stated in a Sept. 23 advisory that a Russian-speaking cybercrime group has created hundreds of fraudulent websites since 2019, likely using third-party proxies.
Hackers use PowerPoint files for 'mouseover' malware delivery
Hackers believed to work for Russia have started using a new code execution technique that relies on mouse movement in Microsoft PowerPoint presentations to trigger a malicious PowerShell script. No malicious macro is necessary for the malicious code to execute and download the payload, for a more insidious attack. A report from threat intelligence company Cluster25 says that APT28 (a.k.a. 'Fancy Bear') have used the new technique to deliver the Graphite malware as recently as September 9.
New Erbium password-stealing malware spreads as game cracks, cheats
The new 'Erbium' information-stealing malware is being distributed as fake cracks and cheats for popular video games to steal victims' credentials and cryptocurrency wallets. Erbium is a new Malware-as-a-Service (MaaS) that provides subscribers with a new information-stealing malware that is gaining popularity in the cybercrime community thanks to its extensive functionality, customer support, and competitive pricing.
SQL Server admins warned about Fargo ransomware
Organizations are being warned about a wave of attacks targeting Microsoft SQL Server with ransomware known as Fargo, which encrypts files and threatens victims that their data may be published online if they do not pay up. The warning comes in a blog posting from analysts at the AhnLab Security Emergency Response Center (ASEC), which says that Fargo is one of the most prominent ransomware strains targeting vulnerable SQL Server instances.
- ...in 1822, French academic Jean-Francois Champollion announces that he has successfully deciphered the Rosetta Stone.
- ...in 1954, the late-night TV program "Tonight with Steve Allen", which would later become "The Tonight Show", debuts on NBC.
- ...in 1962, biologist Rachel Carson's environmental science book "Silent Spring" is published.
- ...in 2003, the SMART-1 lunar satellite is launched by the European Space Agency.