IT Security Newsletter - 9/8/2021
Howard University canceled classes and shut down campus WiFi after a ransomware attack
Officials at Howard University in Washington, DC, canceled classes Tuesday and limited instruction for Wednesday after its systems were hit by a ransomware attack last week. "The situation is still being investigated, but we are writing to provide an interim update and to share as much information as we safely and possibly can at this point in time, considering that our emails are often shared within a public domain," Howard officials said in a letter to the Howard community Monday.
Microsoft, CISA Urge Mitigations for Zero-Day RCE Flaw in Windows
Both Microsoft and federal cybersecurity officials are urging organizations to use mitigations to combat a zero-day remote code execution (RCE) vulnerability in Windows that allows attackers to craft malicious Microsoft Office documents. Microsoft has not revealed much about the MSHTML bug, tracked as CVE-2021-40444, beyond that it is "aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents," according to an advisory released Tuesday.
REvil ransomware's servers mysteriously come back online
The dark web servers for the REvil ransomware operation have suddenly turned back on after an almost two-month absence. It is unclear if this marks the ransomware gang's return or the servers being turned on by law enforcement. On July 2nd, the REvil ransomware gang, aka Sodinokibi, used a zero-day vulnerability in the Kaseya VSA remote management software to encrypt approximately 60 managed service providers (MSPs) and over 1,500 of their business customers.
Alleged Russian malware developer arrested after being stranded in South Korea due to COVID-19 pandemic
The global pandemic has caused heartbreak and hardship for millions of people around the world, but for one alleged member of the notorious TrickBot malware gang it may also have resulted in their arrest. As Catalin Cimpanu at The Record reports, a man was arrested last week by South Korean law enforcement agents at Seoul's international airport as he attempted to board a flight back to his native Russia.
Top tips for preventing SQL injection attacks
In the wake of the Colonial Pipeline attack and other high-profile cases, IT teams may be scrabbling to shore up their endpoint protection. But those in the developer community know security weaknesses don't begin and end there: write code improperly or with insufficient security, and you're also coding in future web attacks. Web vulnerabilities are an issue that affects even the biggest tech companies. They cover a host of different coding issues, but the examples above include a very specific type.
US officials warn of "mass exploitation" of Atlassian Confluence flaw
Hackers are exploiting a vulnerability in the on-premise Atlassian Confluence workplace collaboration platform on a massive scale, with businesses urged to patch their systems without delay. US Cyber Command issued a public notice just before the weekend warning that mass exploitation of the remote code execution flaw tracked as CVE-2021-26084 is "ongoing and expected to accelerate".
Netgear Smart Switches Open to Complete Takeover
Three severe Netgear vulnerabilities, codenamed Demon's Cries, Draconian Fear and Seventh Inferno by the researcher who found them, affect 20 of the company's managed smart switches and could allow an attacker to take them over. The bugs were patched on Friday with zero technical details made available, but the researcher has now released more details on the first two. Details on the third, Seventh Inferno, will be published after Sept. 13, he said.
- ...in 1930, 3M begins marketing Scotch brand transparent tape.
- ...in 1943, Gen. Dwight Eisenhower publicly announces the surrender of Italy to the Allies.
- ...in 1966, the crew of the U.S.S. Enterprise takes off on its mission to "boldly go where no man has gone before," with the premiere of Star Trek.
- ...in 1974, President Gerald Ford pardons his predecessor Richard Nixon for any crimes he may have committed.