InfoSec News Nuggets 09/11/2023

Cyber professionals say industry urgently needs to confront mental health crisis  As the coronavirus pandemic swept the U.S. in early 2020, Pat, a security engineer, had more than just his own health to worry about. He was the lead engineer responsible for protecting vast amounts of data moving between large health care organizations to the Centers for Disease Control and Prevention. The toll of working 80-hour weeks wasn’t new to Pat, who has been in…

InfoSec News Nuggets 09/08/2023

Coffee Meets Bagel says recent outage caused by destructive cyberattack  The Coffee Meets Bagel dating platform confirms last week's outage was caused by hackers breaching the company's systems and deleting company data. The dating platform says they are geared towards users looking for a serious relationship rather than casual dating. Last week, Coffee Meets Bagel (CMB) suffered a worldwide outage, with users upset that they could not coordinate planned dates or continue communicating with their matches.    DGA Behavior…

InfoSec News Nuggets 09/07/2023

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach  In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts to conclude that crooks likely have succeeded at cracking open some of the stolen LastPass vaults. Taylor Monahan is…

InfoSec News Nuggets 09/06/2023

How Ducktail capitalizes on compromised business, ad accounts  Quite some money can be made from selling compromised business and ad accounts on social media platforms, and the Ducktail threat actor has specialized in just that. “We observed that an account deemed ‘low-grade’ sells for around 350,000 Vietnamese dong (~$15 USD), while accounts considered valuable sell for around 8,000,000 Vietnamese dong (~$340 USD),” Zscaler researchers noted. Researchers have previously reported on campaigns mounted by the group, but Zscaler’s researchers have now…

InfoSec News Nuggets 09/05/2023

Chrome extensions can steal plaintext passwords from websites  A team of researchers from the University of Wisconsin-Madison has uploaded to the Chrome Web Store a proof-of-concept extension that can steal plaintext passwords from a website's source code. An examination of the text input fields in web browsers revealed that the coarse-grained permission model underpinning Chrome extensions violates the principles of least privilege and complete mediation. Additionally, the researchers found that numerous websites with millions of visitors,…

InfoSec News Nuggets 09/04/2023

Golf gear giant Callaway data breach exposes info of 1.1 million Topgolf Callaway (Callaway) suffered a data breach at the start of August, which exposed the sensitive personal and account data of more than a million customers. Callaway is an American sports equipment maker and seller specializing in golf equipment and accessories such as clubs, balls, bags, gloves, and caps. The company is present in more than 70 countries worldwide and has an annual revenue…

InfoSec News Nuggets 09/01/2023

Google Removes ‘Pirate’ URLs from Users’ Privately Saved Links  To date, Google has processed more than seven billion copyright takedown requests for its search engine. The majority of the reported links are purged from Google's search index, as required by the DMCA. Recently, however, Google appears to have gone a step further, using search takedowns to "moderate" users' privately saved links collections.    NYC subway security flaw seemingly exposes ‘impossible’ Apple Pay vulnerability  An inexcusable NYC…

InfoSec News Nuggets 08/31/2023

FBI-Led Operation Duck Hunt Shuts Down QakBot Malware  The FBI has led a multinational law enforcement operation that has successfully dismantled QakBot, a leading malware loader used by cybercriminals to deploy ransomware. As part of Operation Duck Hunt, the FBI gained access to QakBot’s admin computers, which helped law enforcement map out the server infrastructure used in the botnet's operation. It then seized 52 servers, which it said would “permanently dismantle” the botnet, and redirected QakBot’s traffic to servers controlled by the Bureau, pointing…

InfoSec News Nuggets 08/30/2023

More UK cops' names and photos exposed in supplier breach  London's Metropolitan Police has said a third-party data breach exposed staff and officers' names, ranks, photos, vetting levels, and salary information. In a statement posted on the cops' website, the force said miscreants broke into a supplier's IT system, and used that unauthorized access to steal personnel information. The supplier did not, however, store police addresses, phone numbers or financial account details so it appears…

InfoSec News Nuggets 08/29/2023

Two Men Arrested Following Poland Railway Hacking “The two men arrested are Polish citizens,” said Tomasz Krupa, a police spokesman in the eastern city of Bialystok where the arrest occurred. Police also seized radio equipment from the apartment where the men, who are 24 and 29 years of age, were detained. On Friday night, the radio communication network of the Polish PKP railway was hacked near the northwestern city of Szczecin leading to the issuing…

InfoSec News Nuggets 08/28/2023

FTX, BlockFi's Customer Data Compromised in Kroll Hack Customer data of bankrupt crypto exchange FTX and lender BlockFi have been compromised due to a hack of Kroll, a third party agent that manages creditor claims on behalf of bankrupt companies. Crypto account passwords and other sensitive data weren’t affected, but customers were warned to be on the lookout for scammers impersonating parties in the bankruptcy. An “unauthorized third party gained access to certain BlockFi client…

InfoSec News Nuggets 08/25/2023

Sextortion Scams Surge 178% in a Year  Security researchers have detected a 178% increase in sextortion emails between the first half of 2022 and the same period this year, marking the category out as a top email threat. ESET said that sextortion emails ranked third among all email threats in H1 2023. They typically arrive unsolicited and claim to have compromising images or videos on the victim, taken via their webcam, which will be shared with…

InfoSec News Nuggets 08/24/2023

Experian Pays $650,000 to Settle Spam Claims  Experian Consumer Services has agreed to a permanent injunction and to pay a civil penalty of $650,000 to settle allegations relating to the CAN-SPAM Act. The firm, whose parent company is credit agency giant Experian, provides online credit reports, scores and monitoring products to customers. A case filed in the US District Court for the Central District of California revolved around emails sent by the company to consumers who had…

InfoSec News Nuggets 08/23/2023

'Cuba' Ransomware Group Uses Every Trick in the Book  In June, Russian ransomware group Cuba attacked an organization servicing US critical infrastructure. The cyberattack failed despite the group's use of multiple CVEs, off-the-shelf tools, unique malware programs, and evasion methods. Cuba is a financially motivated threat actor known for big money ransomware attacks primarily targeting US organizations. In its latest known campaign discovered by BlackBerry, it targeted an American critical infrastructure provider as well as a systems…

InfoSec News Nuggets 08/22/2023

Ivanti warns of new actively exploited MobileIron zero-day bug  US-based IT software company Ivanti warned customers today that a critical Sentry API authentication bypass vulnerability is being exploited in the wild. Ivanti Sentry (formerly MobileIron Sentry) functions as a gatekeeper for enterprise ActiveSync servers like Microsoft Exchange Server or backend resources such as Sharepoint servers in MobileIron deployments, and it can also operate as a Kerberos Key Distribution Center Proxy (KKDCP) server.    Tesla points to…

InfoSec News Nuggets 08/21/2023

Google proposes new security keys to protect data from future quantum attacks Even though quantum computers are still under development, researchers are already working to protect sensitive data from attacks fueled by the expected advances in computing power. This week Google announced the release of code for a security key that uses cryptography designed to withstand decryption attempts by traditional computers and quantum processors as well. The company says its proposed implementation will allow for…

InfoSec News Nuggets 08/18/2023

AnonFiles Shuts Down After Massive User Abuse  A popular anonymous file sharing service used by security researchers and threat actors has decided to close down, citing “extreme volumes” of users abusing it. AnonFiles was a going concern for two years, enabling anyone to share files without fear of being tracked online. It became a popular way for malicious hackers to share stolen data such as logins and personally identifiable information (PII). As first reported by…

InfoSec News Nuggets 08/17/2023

America's original hacking supergroup creates a free framework to improve app security Cult of the Dead Cow (cDc), a hacking group known for its activist endeavors, has built an open source tool for developers to build secure apps. Veilid, launched at DEF CON on Friday, includes options like letting users opt out of data collection and online tracking as a part of the group’s mission to fight against the commercialization of the internet. “We feel…

InfoSec News Nuggets 08/16/2023

Over 120,000 Computers Compromised by Info Stealers Linked to Users of Cybercrime Forums  A "staggering" 120,000 computers infected by stealer malware have credentials associated with cybercrime forums, many of them belonging to malicious actors. The findings come from Hudson Rock, which analyzed data collected from computers compromised between 2018 to 2023. "Hackers around the world infect computers opportunistically by promoting results for fake software or through YouTube tutorials directing victims to download infected software," Hudson Rock CTO Alon Gal…

InfoSec News Nuggets 08/15/2023

Ford Says Wi-Fi Vulnerability Not a Safety Risk to Vehicles  American car maker Ford says that a vulnerability in the Wi-Fi driver of the SYNC 3 infotainment system on certain Ford and Lincoln vehicles does not pose a safety risk. Tracked as CVE-2023-29468, the bug impacts the Texas Instruments-supplied Wi-Fi driver used in the infotainment system of at least a dozen vehicles. The issue is described as a buffer overflow that could lead to remote…

InfoSec News Nuggets 08/14/2023

Microsoft to freeze license extensions for Russian companies Microsoft will stop renewing licenses for its products to Russian companies starting in October following sanctions imposed against Russia due to the war in Ukraine. The U.S. software giant said in a letter sent to Russian businesses on Thursday that it will no longer process payments via wire transfer to a local bank account for its services in Russia. Microsoft customers now have two months to find…

InfoSec News Nuggets 08/10/2023

Google teases Project IDX, an AI-infused code editing thing  Google on Tuesday announced Project IDX, an AI-infused cloud-based integrated development environment. This super IDE "is a browser-based development experience built on Google Cloud and powered by Codey, a foundational AI model trained on code and built on PaLM 2," wrote five Googlers who worked on the project in an announcement. PaLM 2 is one of Google's large language models. "It’s designed to make it easier to build, manage and deploy full-stack web and multiplatform…

InfoSec News Nuggets 08/08/2023

Microsoft Patches Critical Azure Flaw Following Criticism for ‘Irresponsible’ Security Practices  Microsoft has fixed a critical vulnerability that could let hackers gain unauthorized access to sensitive data and cross-tenant applications managed by Azure AD. The fix comes shortly after security researchers criticized Microsoft for its “grossly irresponsible” cybersecurity practices. In a post on LinkedIn, Amit Yoran, the CEO of the security firm Tenable, called out Microsoft for failing to address a vulnerability in its Azure platform. It enabled Chinese state-sponsored hackers…

InfoSec News Nuggets 08/07/2023

US ‘lagging behind’ on Border Gateway Protocol security practices, CISA and FCC chiefs say  The U.S. government is lagging behind other countries in instituting more stringent cybersecurity measures governing Border Gateway Protocol (BGP) – a set of technical rules responsible for routing data efficiently. BGP is one of the most important facets of the internet, serving as the underpinning for everyday actions like banking, telemedicine visits and more. This week, FCC Chairwoman Jessica Rosenworcel and Cybersecurity and Infrastructure…

InfoSec News Nuggets 08/04/2023

FCC fines robocaller a record $300M after blocking billions of their scam calls The FCC’s robocaller penalties are growing as the agency tracks down and terminates their operations — this time resulting in a record $300 million forfeiture. But whether and when that money will be paid is, as always, something of an open question. The robocaller in this case was known by a variety of names and had been scamming people since 2018, as the…

InfoSec News Nuggets 08/03/2023

Reddit beats film industry, won’t have to identify users who admitted torrenting Film companies lost another attempt to force Reddit to identify anonymous users who discussed piracy. A federal court on Saturday quashed a subpoena demanding users' names and other identifying details, agreeing with Reddit's argument that the film companies' demands violate the First Amendment. The plaintiffs are 20 producers of popular movies who are trying to prove that Internet service provider Grande is liable for its subscribers' copyright…

InfoSec News Nuggets 08/02/2023

A New Attack Impacts Major AI Chatbots—and No One Knows How to Stop It ChatGPT and its artificially intelligent siblings have been tweaked over and over to prevent troublemakers from getting them to spit out undesirable messages such as hate speech, personal information, or step-by-step instructions for building an improvised bomb. But researchers at Carnegie Mellon University last week showed that adding a simple incantation to a prompt—a string text that might look like gobbledygook…

InfoSec News Nuggets 08/01/2023

Global Lawyers Unveil Cyber Best Practices for Execs  The International Bar Association (IBA) has published what it claims to be a “first-of-its-kind” report to guide senior executives and boards to protect their organization from cyber risk. Released today, Global perspectives on protecting against cyber risks: best governance practices for senior executives and boards of directors, is a lengthy document designed to give leaders insight into the main elements of a strong cyber-risk management program. Co-chairs of the IBA…

InfoSec News Nuggets 07/31/2023

Senate opens path for a cyber-focused military branch  The possibility of a U.S. Cyber Force moved one step closer to reality on Thursday after the Senate approved its version of a massive defense policy bill. The $886 billion National Defense Authorization Act passed in a 86-11 vote. The Republican-led House narrowly passed its version of the legislation earlier this month, mostly along party lines. The two chambers will now go to conference to write a final…

InfoSec News Nuggets 07/28/2023

Android phones can now tell you if there’s an AirTag following you  When Google announced that trackers would be able to tie in to its 3 billion-device Bluetooth tracking network at its Google I/O 2023 conference, it also said that it would make it easier for people to avoid being tracked by trackers they don't know about, like Apple AirTags. Now Android users will soon get these "Unknown Tracker Alerts." Based on the joint specification developed by Google and Apple, and incorporating…

InfoSec News Nuggets 07/27/2023

This MIT team is fighting malicious AI image manipulation a few pixels at a time  As AI image creation and editing becomes more prevalent, a new digital privacy concern has arisen -- the unauthorized AI editing of someone's artwork or picture. To date, there's nothing to stop someone from taking a picture online, uploading it to an AI program, and manipulating it for all sorts of purposes. But a new technique from a team at MIT could change that. Simply called…

InfoSec News Nuggets 07/26/2023

PokerStars data breach exposes sensitive info of over 100,000 people  PokerStars, the world’s largest online poker platform, is the latest company to fall victim to the MOVEit Transfer hack. The incident resulted in unauthorized access to names, Social Security Numbers, and addresses of as many as 110,291 individuals. In a data breach notice filed with the Attorney General of Maine on July 20, the company said that it learned about the critical vulnerability impacting its third software provider on June…

InfoSec News Nuggets 07/25/2023

Novel Open Source Supply Chain Attacks Target Banking Sector  Application security provider Checkmarx has identified what it described as the first open source software supply chain attacks targeting the banking sector. In a recent report, Checkmarx researchers analyzed two distinct, sophisticated supply chain attacks relying on open source toolsets. Both attacks’ targets were banks. The first attack started in February 2023, when a threat actor uploaded a package to NPM, the world’s largest software registry. This package contained a payload designed to latch…

InfoSec News Nuggets 07/24/2023

Bill that Would Stop the Government Buying Data Without a Warrant Passes Key Hurdle  A group of lawmakers on the House Judiciary Committee passed a proposed piece of legislation that would stop government agencies buying data without a warrant. The Fourth Amendment is Not for Sale Act was in part written in response to Motherboard’s continued revelations about the location data industry. “By passing the Fourth Amendment Is Not For Sale Act, both Democrats and Republicans on…

InfoSec News Nuggets 07/21/2023

How safe is your sensitive data in mental health apps?  Australian Academics have raised concerns about some popular mental health apps' data collection and use policies. A CHOICE survey of over 1,000 people conducted in June 2022 found that 30% of Australians had one or more mental health apps downloaded on their phones. Some are designed to help users improve their emotional well-being, become more mindful, and address common mental health issues providing access to online therapy, meditation practice,…

InfoSec News Nuggets 07/20/2023

Ukraine takes down massive bot farm, seizes 150,000 SIM cards  The Cyber Police Department of the National Police of Ukraine dismantled another massive bot farm linked to more than 100 individuals after searches at almost two dozen locations. The bots were used to push Russian propaganda justifying Russia's war in Ukraine, to disseminate illegal content and personal information, and in various other fraudulent activities. In a joint operation, the cyber police and units of the…

InfoSec News Nuggets 07/19/2023

VirusTotal leaked data of 5,600 registered users VirusTotal has suffered a data leak that exposed the names and email addresses of 5,600 of its registered users. The leaked data reportedly includes information about employees of US and German intelligence agencies (among others). Google-owned VirusTotal is a popular online service for analyzing suspicious files and URLs to detect malware and malicious content through antivirus engines and website scanners.   Attackers Pummel Millions of Websites via Critical…

InfoSec News Nuggets 07/18/2023

JumpCloud says nation-state hackers breached its systems Identity and access management firm JumpCloud says it reset customers’ API keys after nation-state hackers breached its systems. JumpCloud, a directory platform that allows enterprises to authenticate, authorize, and manage users and devices, last week told customers that it had reset their API keys “out of an abundance of caution” due to an ongoing, but unspecified security incident. In a post-mortem of the incident published, JumpCloud said it…

InfoSec News Nuggets 07/17/2023

Microsoft still unsure how hackers stole Azure AD signing key  Microsoft says it still doesn't know how Chinese hackers stole an inactive Microsoft account (MSA) consumer signing key used to breach the Exchange Online and Azure AD accounts of two dozen organizations, including government agencies. "The method by which the actor acquired the key is a matter of ongoing investigation," Microsoft admitted in a new advisory published today. The incident was reported by U.S. government officials after the discovery of unauthorized…

InfoSec News Nuggets 07/14/2023

Congress is trying to stop discriminatory algorithms again  US policymakers hope to require online platforms to disclose information about their algorithms and allow the government to intervene if these are found to discriminate based on criteria like race or gender. Sen. Edward Markey (D-MA) and Rep. Doris Matsui (D-CA) reintroduced the Algorithmic Justice and Online Platform Transparency Act, which aims to ban the use of discriminatory or “harmful” automated decision-making. It would also establish safety standards,…

InfoSec News Nuggets 07/13/2023

Financial Industry Faces Soaring Ransomware Threat  The financial industry has been facing a surge in ransomware attacks over the past few years, said cybersecurity provider SOCRadar in a threat analysis post published on July 12, 2023. This trend started in the first half of 2021, when Trend Micro saw a staggering 1318% increase in ransomware attacks targeting banks and financial institutions compared to the same period in 2020. Sophos also found that over half (55%) of financial service firms fell victim…

InfoSec News Nuggets 07/12/2023

Apple releases, quickly pulls Rapid Security Response update for 0-day WebKit bug  Yesterday, Apple published a new Rapid Security Response update for iOS 16, iPadOS 16, and macOS Ventura to patch yet another actively exploited WebKit code execution bug. But shortly after installation, users began having issues accessing certain websites, and Apple has apparently pulled the update to fix the problem. According to MacRumors, affected sites include Facebook, Instagram, WhatsApp, and Zoom, which began showing warning messages about not being supported following…

InfoSec News Nuggets 07/11/2023

New Mozilla Feature Blocks Risky Add-Ons on Specific Websites to Safeguard User Security Mozilla has announced that some add-ons may be blocked from running on certain sites as part of a new feature called Quarantined Domains. "We have introduced a new back-end feature to only allow some extensions monitored by Mozilla to run on specific websites for various reasons, including security concerns," the company said in its Release Notes for Firefox 115.0 released last week.…

InfoSec News Nuggets 07/10/2023

Can Generative AI Be Trusted to Fix Your Code?  Organizations worldwide are in a race to adopt AI technologies into their cybersecurity programs and tools. A majority (65%) of developers use or plan on using AI in testing efforts in the next three years. There are many security applications that will benefit from generative AI, but is fixing code one of them? For many DevSecOps teams, generative AI represents the holy grail for clearing their increasing vulnerability backlogs.     MOVEit Transfer customers…

InfoSec News Nuggets 07/07/2023

Cyber agencies warn of new TrueBot malware variants targeting US and Canadian firms  Cybersecurity agencies in the U.S. and Canada warned Thursday that threat actors are using new TrueBot malware variants to steal data from victims. In an advisory co-written by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the FBI, the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Canadian Centre for Cyber Security (CCCS), the organizations said that as recently as May 31 they observed a surge in financially…

InfoSec News Nuggets 07/06/2023

Singapore tells crypto operators: act like grown up financial institutions  Singapore has joined the ranks of nations requiring digital payment operators to follow the same sort of regulations and customer protection requirements that apply to conventional financial institutions. In measures floated in October 2022 and to be enacted by the end of 2023, Singapore's Monetary Authority (MAS) will require operators to hold customer assets under a statutory trust segregated from their own assets. Crypto outfits are…

InfoSec News Nuggets 07/05/2023

Who’s Behind the DomainNetworks Snail Mail Scam?  If you’ve ever owned a domain name, the chances are good that at some point you’ve received a snail mail letter which appears to be a bill for a domain or website-related services. In reality, these misleading missives try to trick people into paying for useless services they never ordered, don’t need, and probably will never receive. Here’s a look at the most recent incarnation of this scam — DomainNetworks — and…

InfoSec News Nuggets 07/03/2023

Tech firms sue Arkansas over social media age verification law  The technology industry isn't thrilled with Arkansas' law requiring social media age checks. NetChoice, a tech trade group that includes Google, Meta and TikTok, has sued the state of Arkansas over claimed US Constitution violations in the Social Media Safety Act. The measure allegedly treads on First Amendment free speech rights by making users hand over private data in order to access social networks. It also "seizes decision making"…

InfoSec News Nuggets 06/30/2023

Does the world need an arms control treaty for AI?  At the dawn of the atomic age, the nuclear scientists who invented the atomic bomb realized that the weapons of mass destruction they had created desperately needed to be controlled. Physicists such as Niels Bohr and J. Robert Oppenheimer believed that as knowledge of nuclear science spread so, too, would bombs. That realization marked the beginning of the post-war arms control era. Today, there’s a similar…

InfoSec News Nuggets 06/29/2023

Windows 11 tests letting you sign into websites with your fingerprint or face  Microsoft is improving Windows 11’s support for the new passkey standard that aims to replace passwords with a more secure and convenient way of logging in. A recent Insider Preview Build (23486) now lets you use Windows Hello natively to create and sign in to supported applications and websites using passkeys, where you’ll be asked to prove your identity using a PIN, fingerprint, or…