IT Security Newsletter - 9/9/2024
Car rental giant Avis data breach impacts over 299,000 customers
American car rental giant Avis notified customers that unknown attackers breached one of its business applications last month and stole some of their personal information. According to data breach notification letters sent to impacted customers on Wednesday and filed with California's Office of the Attorney General, the company took action to stop the unauthorized access, launched an investigation with the help of external cybersecurity experts, and reported the incident to relevant authorities.
Major Iranian IT vendor paying large ransom to resolve recent cyberattack
An Iranian IT vendor that works with many of the nation's top banks and some of its government entities suffered a severe cyberattack and is in the process of paying a ransom in installments, according to emails and blockchain data reviewed by CyberScoop, contrary to claims from the Iranian government that a hack never occurred. The company, Tosan, provides IT services to 45% of the country's banks, serving 27 million Iranians, according to the company's website.
New RAMBO attack steals data using RAM in air-gapped computers
A novel side-channel attack dubbed "RAMBO" (Radiation of Air-gapped Memory Bus for Offense) generates electromagnetic radiation from a device's RAM to send data from air-gapped computers. Air-gapped systems, typically used in mission-critical environments with exceptionally high-security requirements, such as governments, weapon systems, and nuclear power stations, are isolated from the public internet and other networks to prevent malware infections and data theft.
Feds Warn on Russian Actors Targeting Critical Infrastructure
The United States, alongside several of its allies including the UK, is accusing the Russian military of attacking global critical infrastructure units through malicious cyber operations bent on espionage, sabotage, and reputational damage. The FBI, NSA, and CISA have published a joint advisory assessing the cyber actors affiliated with the Russian GRU 161st Specialist Training Center, otherwise known as Unit 29155.
Predator Spyware Resurfaces With Fresh Infrastructure
The Predator spyware has resurfaced with fresh infrastructure after a drop in activity caused by US sanctions against Intellexa Consortium, Recorded Future reports. Intellexa, based in Greece, was sanctioned in March for selling and distributing commercial spyware and surveillance tools. Three other entities were sanctioned for their roles in the development and distribution of the Predator spyware.
Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks
A recently patched SonicWall product vulnerability tracked as CVE-2024-40766 may have been exploited in ransomware attacks. The critical flaw, disclosed on August 22, impacts SonicOS on Gen 5, Gen 6 and Gen 7 firewalls. The vulnerability, an improper access control issue in the SonicOS management access and SSLVPN, can lead to unauthorized resource access or a firewall crash. SonicWall updated its advisory on Friday to inform customers that it is "potentially being exploited in the wild".
- ...in 1776, the Continental Congress formally declares the name of the new nation to be the "United States" of America.
- ...in 1850, California becomes the 31st state.
- ...in 1956, Elvis Presley makes his first appearance on The Ed Sullivan Show.
- ...in 1965, Los Angeles Dodgers pitcher Sandy Koufax, a former UC Basketball player, pitches the eighth perfect game in major league history.