Security News

Friday Squid Blogging: New Foods from Squid Fins
2024-01-19 22:07

We only eat about half of a squid, ignoring the fins. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Five ripped off IT giant with $7M+ in bogus work expenses, prosecutors claim
2024-01-19 21:21

Mark Angarola, Allison Angarola, Jose Garcia, Michelle Cox, and Lisa Mincak were all arrested and charged in the US with one count each of wire fraud and wire fraud conspiracy, both of which carry a maximum sentence of 20 years in prison. Mark Angarola, Cox, and Garcia have been charged with tax evasion and failing to report their true income to the IRS, including proceeds from the alleged embezzlement scheme.

Payoneer accounts in Argentina hacked in 2FA bypass attacks
2024-01-19 20:28

Numerous Payoneer users in Argentina report waking up to find that their 2FA-protected accounts were hacked and funds stolen after receiving SMS OTP codes while they were sleeping. Starting last weekend, many Payoneer users in Argentina, whose accounts were protected by two-factor authentication, reported suddenly losing access to their accounts or simply logging in to empty wallets, losing "years of work" worth of money, ranging from $5,000 to $60,000.

Zelle Is Using My Name and Voice without My Consent
2024-01-19 20:05

Zelle has been using my name, and my voice, in audio podcast ads, without my permission. It's possible that I gave some sort of blanket permission when speaking at an event.

CISA emergency directive: Mitigate Ivanti zero-days immediately
2024-01-19 19:25

CISA issued this year's first emergency directive ordering Federal Civilian Executive Branch agencies to immediately mitigate two Ivanti Connect Secure and Ivanti Policy Secure zero-day flaws in response to widespread and active exploitation by multiple threat actors. As instructed by emergency directive ED 24-01, federal agencies now must promptly implement Ivanti's publicly disclosed mitigation measures to block attack attempts.

Ivanti EPMM and MobileIron Core vulnerability is actively exploited, CISA confirms (CVE-2023-35082)
2024-01-19 17:32

A previously patched critical vulnerability affecting Ivanti Endpoint Manager Mobile and MobileIron Core is being actively exploited, the Cybersecurity and Infrastructure Security Agency has confirmed by adding the vulnerability to its Known Exploited Vulnerabilities Catalog. It is not known whether the vulnerability is being exploited by ransomware groups, and CISA does not publish specific information about attacks in which the vulnerabilities in the KEV catalog are exploited.

FTC bans one more data broker from selling your location info
2024-01-19 17:13

The U.S. Federal Trade Commission continues to target data brokers, this time in a settlement with InMarket Media, which bans the company from selling Americans' precise location data. InMarket is a Texas-based data aggregation company specializing in collecting and analyzing people's location data.

Chinese hackers exploit VMware bug as zero-day for two years
2024-01-19 16:32

A Chinese hacking group has been exploiting a critical vCenter Server vulnerability as a zero-day since at least late 2021. In the next stage, they exploited the CVE-2023-20867 VMware Tools authentication bypass flaw to escalate privileges, harvest files, and exfiltrate them from guest VMs. While, until now, Mandiant didn't know how the attackers gained privileged access to victims' vCenter servers, the link was made evident in late 2023 by a VMware vmdird service crash minutes before the backdoors' deployment closely matching CVE-2023-34048 exploitation.

Top IT Trends in Australia for IT Pros to Prepare For in 2024
2024-01-19 14:44

IT pros in Australia should be looking forward to a big year in 2024, as ongoing transformation continues to redefine their roles within their companies. Coupled with an ongoing skills shortage, those pros who spend the effort to develop their skillsets according to current trends will do well, regardless of the broader economic conditions.

Vans, North Face owner says ransomware breach affects 35 million people
2024-01-19 14:35

VF Corporation, the company behind brands like Vans, Timberland, The North Face, Dickies, and Supreme, said that more than 35 million customers had their personal information stolen in a December ransomware attack. "Based on VF's preliminary analysis from its ongoing investigation, VF currently estimates that the threat actor stole personal data of approximately 35.5 million individual consumers," VF Corp said in an 8-K form filed with the U.S. Securities and Exchange Commission on Thursday.