
IT Security Newsletter - 9/29/2023


Top News

US State Department Says 60,000 Emails Taken in Alleged Chinese Hack

The US State Department said Thursday that hackers took around 60,000 emails, although none of them classified, in an attack which Microsoft has blamed on China. Microsoft revealed in July that a Chinese hacking group had breached its email platform and accessed messages from around 25 organizations including US government agencies. "It was approximately 60,000 unclassified emails that were exfiltrated as a part of that breach," State Department spokesman Matthew Miller told reporters.

Breaches

Ransomware group demands $51 million from Johnson Controls after cyber attack

Johnson Controls, a multinational conglomerate that secures industrial control systems, security equipment, fire safety and air conditioning systems, has been hit by a massive cyber attack. The company, which employs over 100,000 people around the world, suffered a ransomware attack over the weekend which left data encrypted and caused it to shut down sections of its IT infrastructure.

Hacking

Cisco routers abused by China-linked hackers against US, Japan companies

U.S. and Japanese authorities warned a state-backed cyber threat group, identified as BlackTech, is abusing firmware in Cisco and other routers to hack into companies in both countries. Officials said the group, linked to the People's Republic of China, is using custom malware and living-off-the-land techniques to infiltrate international subsidiaries of these companies and gain trusted access to computer systems inside the main headquarters at unsuspecting firms.

Malware

Novel ZenRAT Scurries Onto Systems via Fake Password Manager Tool

A novel info-stealing malware variant is lurking behind fake installation packages of the open source password manager Bitwarden, in an elaborate scheme exclusively targeting Windows users. The attack uses a fake website to distribute the packages. Researcher Jérôme Segura, senior director of threat intelligence at Malwarebytes, shared a sample of the malware - dubbed ZenRAT - with researchers at Proofpoint in August, they revealed in a blog post published this week.

Exploits/Vulnerabilities

Progress warns of maximum severity WS_FTP Server vulnerability

Progress Software, the maker of the MOVEit Transfer file-sharing platform recently exploited in widespread data theft attacks, warned customers to patch a maximum severity vulnerability in its WS_FTP Server software. The company says thousands of IT teams worldwide use its enterprise-grade WS_FTP Server secure file transfer software. In an advisory published on Wednesday, Progress disclosed multiple vulnerabilities impacting the software's manager interface and Ad hoc Transfer Module.


Cloudflare Users Exposed to Attacks Launched From Within Cloudflare: Researchers

Gaps in Cloudflare's security controls allow users to bypass customer-configured protection mechanisms and target other users from the platform itself, technology consulting firm Certitude warns. The issue, the company says, arises from the shared infrastructure that all Cloudflare tenants have access to, allowing malicious actors to abuse the trust customers place in the platform's protections to target them via Cloudflare.

On This Date

  • ...in 1942, actor Ian McShane ("Deadwood", "Lovejoy") is born in Lancashire, England.
  • ...in 1963, Les Claypool, bass player and lead singer of alternative rock band Primus, is born in Richmond, CA.
  • ...in 1966, Chevrolet introduces the Camaro, which went on to become one of the iconic "muscle cars" of the mid-20th century.
  • ...in 1988, Stacy Allison of Portland, OR becomes the first American woman to reach the summit of Mount Everest.