IT Security Newsletter

IT Security Newsletter - 9/30/2022

Written by Cadre | Fri, Sep 30, 2022

Numerous orgs hacked after installing weaponized open source apps

Hackers backed by the North Korean government are weaponizing well-known pieces of open source software in an ongoing campaign that has already succeeded in compromising "numerous" organizations in the media, defense and aerospace, and IT services industries, Microsoft said on Thursday. ZINC (AKA Lazarus) has been lacing PuTTY and other legitimate open source applications with highly encrypted code that ultimately installs espionage malware.

Ex-NSA employee charged with violating Espionage Act, selling U.S. cyber secrets

A former National Security Agency employee appeared in federal court Thursday on charges that he attempted to transmit classified "national defense information" to an FBI agent he believed was a Russian operative in exchange for $85,000, according to the Justice Department. The former employee, Jareh Sebastian Dalke, allegedly told the undercover agent that he had access to information "relating to foreign targeting of U.S. systems and information on cyber operations," according to the affidavit.

IT admin admits sabotaging ex-employer's network in bid for higher salary

A 40-year-old man could face up to 10 years in prison, after admitting in a US District Court to sabotaging his former employer's computer systems. Casey K Umetsu, of Honolulu, Hawaii, has pleaded guilty to charges that he deliberately misdirected a financial company's email traffic and prevented customers from reaching its website in a failed attempt to convince the firm to rehire him at a greater salary.

Fake CISO Profiles on LinkedIn Target Fortune 500s

Someone has recently created a large number of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world's largest corporations. It's not clear who's behind this network of fake CISOs or what their intentions may be. But the fabricated LinkedIn identities are confusing search engine results for CISO roles at major companies, and they are being indexed as gospel by various downstream data-scraping sources.

Hacking group hides backdoor malware inside Windows logo image

Security researchers have discovered a malicious campaign by the 'Witchetty' hacking group, which uses steganography to hide a backdoor malware in a Windows logo. Witchetty is believed to have close ties to the state-backed Chinese threat actor APT10 (aka 'Cicada'). The group is also considered part of the TA410 operatives, previously linked to attacks against U.S. energy providers.

'Disgruntled insider' shared REvil information with researchers, helped law enforcement

In the fall of 2019, after writing about how Sodinokibi ransomware affiliates bragged online about the money they were making, threat intelligence researchers with McAfee Advanced Threat Research received an interesting email. The sender turned out to be a "disgruntled internal source" upset with how other hackers boasted about earnings while they hadn't been paid.

Microsoft confirms new Exchange zero-days are used in attacks

Microsoft has confirmed that two recently reported zero-day vulnerabilities in Microsoft Exchange Server 2013, 2016, and 2019 are being exploited in the wild. "The first vulnerability, identified as CVE-2022-41040, is a Server-Side Request Forgery (SSRF) vulnerability, while the second, identified as CVE-2022-41082, allows remote code execution (RCE) when PowerShell is accessible to the attacker," Microsoft said.

XSS Flaw in Prevalent Media Imaging Tool Exposes Trove of Patient Data

Canon Medical's Vitrea View is a widely used tool for securely sharing medical images between radiologists, physicians, and other healthcare providers on a patient care team. Two newly discovered vulnerabilities (collectively tracked as CVE-2022-37461) could allow threat actors to access much more than X-rays. One flaw is an unauthenticated reflected cross-site scripting (XSS) in an error message, according to a new report from Trustwave's SpiderLabs.

Qubits surf sound waves between quantum nodes

Inspired by the functioning of pulsed lasers, scientists from France and Japan have developed an acoustic counterpart that enables the precise and controlled transmission of single electrons between quantum nodes. The spin of an electron can serve as a basis for creating qubits, the basic unit of information of quantum computing. In order to process or store that information, the information in qubits may have to be transported between quantum nodes in a network.

  • ...in 1927, Babe Ruth hits his 60th home run of the 1927 season and with it sets a record that would stand for 34 years.
  • ...in 1954, the USS Nautilus, the world's first nuclear submarine, is commissioned by the U.S. Navy.
  • ...in 1972, pro baseball great Roberto Clemente hits his 3,000th and final hit of his career.
  • ...in 1980, the original specifications for Ethernet computer networking technologies are published by Xerox with Intel and Digital Equipment Corporation.