InfoSec News Nuggets 12/07/2023

  Nissan is investigating cyberattack and potential data breach  Japanese car maker Nissan is investigating a cyberattack that targeted its systems in Australia and New Zealand, which may have let hackers access personal information. Details of the attack have not been published but the company informed customers of its Nissan Oceania division of a potential data breach, warning them that there is a risk of scams in the upcoming days. Nissan Oceania is a regional division of…

InfoSec News Nuggets 12/06/2023

  Meta and IBM launch ‘AI Alliance’ to promote open-source AI development  Facebook’s parent company, Meta, and IBM on Tuesday launched a new group called the AI Alliance advocating for an “open-science” approach to AI development that puts them at odds with rivals Google, Microsoft and ChatGPT-maker OpenAI. These two diverging camps – the open and the closed – disagree about whether to build AI in a way that makes the underlying technology widely accessible. Safety is…

InfoSec News Nuggets 12/05/2023

US Lawmakers Want to Use a Powerful Spy Tool on Immigrants and Their Families Americans with family overseas who hope to visit the United States may soon face an increased risk of being surveilled by their own government. Support in Congress is growing for intensified vetting procedures at the US border, which would see immigrants and foreign visitors subjected to the same levels of scrutiny as suspected terrorists and spies. A bill introduced last week…

InfoSec News Nuggets 12/04/2023

EU Council president proposes ‘European cyber force’ with ‘offensive capabilities’ Charles Michel, the president of the European Council — the EU body that sets the bloc’s political direction — proposed on Thursday the creation of “a European cyber force … equipped with offensive capabilities.” “The sensitive issue of chain of command would need to be addressed,” he acknowledged at the annual conference for the European Defence Agency (EDA). The Council President’s spokesperson was unable to…

InfoSec News Nuggets 12/01/2023

  Suspected China-based hackers target Uzbekistan gov’t, South Koreans, Cisco says  Hackers believed to be based in China are targeting the Uzbekistan Ministry of Foreign Affairs, as well as people in South Korea, with a strain of malware called SugarGh0st, according to a new report. Cisco published a blog on Thursday spotlighting the malware — which they believe is a variant of Gh0st RAT, an infamous tool used for more than a decade by a range…

InfoSec News Nuggets 11/30/2023

Zero-day vulnerability in Google Chrome, statement issued by Google  Google has released an emergency security update to address a critical zero-day vulnerability in its Chrome web browser. The vulnerability, CVE-2023-6345, stems from an integer overflow weakness within the Skia open-source 2D graphics library. The vulnerability could allow attackers to execute arbitrary code on affected systems, potentially taking control of devices or stealing personal information revealed by BleepingComputer.

US lawmakers have Chinese LiDAR on their threat-detection radar  A…

InfoSec News Nuggets 11/29/2023

  Cybercriminals Hesitant About Using Generative AI  Cybercriminals are so far reluctant to use generative AI to launch attacks, according to new research by Sophos. Examining four prominent dark-web forums for discussions related to large language models (LLMs), the firm found that threat actors showed little interest in using these tools, and even expressed concerns about the wider risks they pose. In two of the forums included in the research, just 100 posts on AI were found.…

InfoSec News Nuggets 11/28/2023

Ukraine claims cyber operation against Russian aviation agency  Ukraine's defense intelligence directorate has claimed it carried out a successful cyber operation against the Russian government’s civil aviation agency, also known as Rosaviatsia. The agency reported November 23 that as a result of the hack, it obtained “a large volume of confidential documents,” including a list of daily reports from Rosaviatsia spanning more than a year and a half. The agency didn't reveal any technical details of what it called a…

InfoSec News Nuggets 11/27/2023

Canada’s privacy watchdog investigating hack affecting military and RCMP personnel  The Privacy Commissioner of Canada is investigating a cyberattack that compromised data on current and former members of the country’s armed forces and the Royal Canadian Mounted Police (RCMP). Two affiliated companies, Brookfield Global Relocation Services (BGRS) and Sirva Canada LP, informed the Canadian government of the breach in October. The companies have been contracted by the Canadian government to provide relocation services for personnel since 1995,…

InfoSec News Nuggets 11/24/2023

PSA: Watch out for these fake Safari and Chrome updates infecting Macs with AMOS  A powerful new malware launched in early 2023 called Atomic macOS Stealer (AMOS) targets Apple users and has become a growing threat. Now, with the latest iteration of the malware, malicious parties are planting AMOS inside fake Safari and Chrome browser updates for Mac. We’ll cover how it works and how to avoid this threat. As a refresher, AMOS is a powerful piece of…

InfoSec News Nuggets 11/22/2023

Cybersecurity firm executive pleads guilty to hacking hospitals The former chief operating officer of a cybersecurity company has pleaded guilty to hacking two hospitals, part of the Gwinnett Medical Center (GMC), in June 2021 to boost his company's business. Vikas Singla, who worked for Securolytics, a network security company that provided services to the healthcare industry, pleaded guilty to hacking into the systems of GMC Northside Hospital hospitals in Duluth and Lawrenceville, as prosecutors said…

InfoSec News Nuggets 11/21/2023

Two top Ukrainian cyber officials dismissed amid embezzlement probe  Two high-ranking cybersecurity officials in Ukraine were dismissed on Monday, according to a senior government official, amid an investigation into suspected embezzlement of state funds. Yurii Shchyhol, the head of Ukraine’s State Service for Special Communications and Information Protection (SSSCIP), said in a statement that he submitted his resignation from the post early this morning. “I am confident that I will be able to prove my innocence during an…

InfoSec News Nuggets 11/20/2023

U.S. Cybersecurity Agencies Warn of Scattered Spider's Gen Z Cybercrime Ecosystem  U.S. cybersecurity and intelligence agencies have released a joint advisory about a cybercriminal group known as Scattered Spider that's known to employ sophisticated phishing tactics to infiltrate targets. "Scattered Spider threat actors typically engage in data theft for extortion using multiple social engineering techniques and have recently leveraged BlackCat/ALPHV ransomware alongside their usual TTPs," the agencies said. The threat actor, also tracked under the monikers Muddled Libra,…

InfoSec News Nuggets 11/17/2023

Samsung Data Breach: Hackers Steal Data of UK Customers  Samsung has notified its customers in the United Kingdom that a data breach has exposed the personal information of thousands of individuals. The breach impacted customers who made purchases on the company’s UK online store between July 1, 2019, and June 30, 2020. The company discovered the breach on November 13, 2023, and determined that an unauthorized individual exploited a vulnerability in a third-party business application to…

InfoSec News Nuggets 11/16/2023

FBI Director: FISA Section 702 warrant requirement a 'de facto ban'  FBI director Christopher Wray made yet another impassioned plea to US lawmakers to kill a proposed warrant requirement for so-called "US person queries" of data collected via the Feds' favorite snooping tool, FISA Section 702. This controversial amendment to the Foreign Intelligence Surveillance Act will expire at the end of December unless Congress reauthorizes it. As the deadline draws near, and reform looms, the FBI and other…

InfoSec News Nuggets 11/15/2023

Ethereum feature abused to steal $60 million from 99K victims  Malicious actors have been abusing Ethereum's 'Create2' function to bypass wallet security alerts and poison cryptocurrency addresses, which led to stealing $60,000,000 worth of cryptocurrency from 99,000 people in six months. This is reported by Web3 anti-scam specialists at 'Scam Sniffer,' who observed several cases of in-the-wild exploitation of the function, in some cases losses incurred by one individual reaching up to $1.6 million.    The…

InfoSec News Nuggets 11/14/2023

Hikers rescued after following non-existent trail on Google Maps  A search-and-rescue group in British Columbia advised hikers to use a paper map and compass instead of street map programs after it said two hikers had been rescued by helicopter after likely following a trail that did not exist, but that appeared on Google Maps. The group, North Shore Rescue, said on Facebook that on November 6 Google Maps had removed the non-existent trail, in a very steep area…

InfoSec News Nuggets 11/13/2023

Downfall fallout: Intel knew AVX chips were insecure and did nothing, lawsuit claims  Intel has been sued by a handful of PC buyers who claim the x86 goliath failed to act when informed five years ago about faulty chip instructions that allowed the recent Downfall vulnerability, and during that period sold billions of insecure chips. The lawsuit [PDF], filed on behalf of five plaintiffs in a US federal court in San Jose, California, claims Intel knew about…

InfoSec News Nuggets 11/10/2023

NIST releases revised cyber requirements for controlled unclassified information  The National Institute of Standards and Technology on Thursday released draft guidance for protecting sensitive unclassified information, outlining revised cybersecurity requirements for federal agencies and government contractors to take when it comes to safeguarding government data. The proposed guidelines are the third iteration of NIST’s standards and practices for protecting controlled unclassified information — or CUI — which refers to government-owned or created data that is not…

InfoSec News Nuggets 11/09/2023

Monero Project admits thieves stole 6-figure sum from a wallet in mystery breach  The Monero Project is admitting that one of its wallets was drained by an unknown source in September, losing the equivalent of around $437,000 at today's exchange rate. A Monero Project maintainer who goes by the alias of Luigi announced on November 2 that the project's community crowdfunding system (CCS) wallet was drained of 2,675.73 XMR on September 1. The team behind Monero is…

InfoSec News Nuggets 11/08/2023

Google, Meta, Discord, and more team up to fight child abuse online  A new program called Lantern aims to fight online child sexual exploitation and abuse (OCSEA) with cross-platform signal sharing between online companies like Meta and Discord. The Tech Coalition, a group of tech businesses with a cooperative aim to fight online child sexual exploitation, wrote in today’s announcement that the program is an attempt to keep predators from avoiding detection by moving potential…

InfoSec News Nuggets 11/07/2023

Microsoft Discovers Chinese Cyber Group Spying on Guam, Other US Locations  Microsoft has discovered a China-based hacking group targeting network systems and credential access in Guam and other US territories. Called Volt Typhoon, the criminals specialize in espionage and associated information-gathering activities aimed against critical infrastructure organizations. Documented exploits by the hackers show that they operate and maintain compromised access “without being detected for as long as possible.” Among the victims of attacks are the government, maritime, communications, manufacturing, transportation,…

InfoSec News Nuggets 11/06/2023

Discord will switch to temporary file links to block malware delivery  Discord will switch to temporary file links for all users by the end of the year to block attackers from using its CDN (content delivery network) for hosting and pushing malware. "Discord is evolving its approach to attachment CDN URLs in order to create a safer and more secure experience for users. In particular, this will help our safety team restrict access to flagged content,…

InfoSec News Nuggets 11/03/2023

Facebook and Instagram are banned from using targeted ads in Europe Meta’s Facebook and Instagram will have to stop using targeted ads across their platforms for even longer, just months after a temporary Norwegian Data Protection Authority (DPA) ban came into play in July. Now, Ireland's Data Protection Commission (DPC) is to ban the processing of personal data for targeted ads, and its effects will be felt across the entire European Economic Area (EEA), including…

InfoSec News Nuggets 11/02/2023

3,000 Apache ActiveMQ servers vulnerable to RCE attacks exposed online  Over three thousand internet-exposed Apache ActiveMQ servers are vulnerable to a recently disclosed critical remote code execution (RCE) vulnerability. Apache ActiveMQ is a scalable open-source message broker that fosters communication between clients and servers, supporting Java and various cross-language clients and many protocols, including AMQP, MQTT, OpenWire, and STOMP. Thanks to the project's support for a diverse set of secure authentication and authorization mechanisms, it is widely used…

InfoSec News Nuggets 11/01/2023

Canada Bans WeChat and Kaspersky Apps On Government Devices  Canada on Monday announced a ban on the use of apps from Tencent and Kaspersky on government mobile devices, citing an "unacceptable level of risk to privacy and security." "The Government of Canada is committed to keeping government information and networks secure," the Canadian government said. "We regularly monitor potential threats and take immediate action to address risks." To that end, Tencent's WeChat and Kaspersky's suite of…

InfoSec News Nuggets 10/31/2023

AI doomsday warnings a distraction from the danger it already poses, warns expert Focusing on doomsday scenarios in artificial intelligence is a distraction that plays down immediate risks such as the large-scale generation of misinformation, according to a senior industry figure attending this week’s AI safety summit. Aidan Gomez, co-author of a research paper that helped create the technology behind chatbots, said long-term risks such as existential threats to humanity from AI should be “studied…

InfoSec News Nuggets 10/30/2023

Stanford University investigating cyberattack after ransomware claims  Stanford University is investigating a cybersecurity incident within its Department of Public Safety after a ransomware gang claimed it attacked the school on Friday. A spokesperson for the university directed Recorded Future News to a statement published late on Friday afternoon explaining that it is in the process of figuring out the details of the incident. “We are continuing to investigate a cybersecurity incident at the Stanford University…

InfoSec News Nuggets 10/27/2023

UK government accused of ‘vandalism’ over abolishing biometrics safeguards  The British government’s plans to remove safeguards around biometrics and public space surveillance were described on Thursday as “shocking” and “tantamount to vandalism” by an outgoing commissioner. Fraser Sampson, the biometrics and surveillance camera commissioner, said: “The loss of regulation and oversight in this key area comes just as the evolution of AI-driven biometric surveillance makes it more important than ever.” It comes as Prime Minister Rishi Sunak…

InfoSec News Nuggets 10/26/2023

AWS announces ‘sovereign cloud’ to support data residency in Europe  Amazon is joining the list of big tech companies to introduce a dedicated independent cloud for Europe, with news that it’s working on the “AWS European Sovereign Cloud” for governments and highly-regulated industries across Europe. AWS’s cloud rival Google partnered with Deutsche Telekom’s IT services and consulting subsidiary T-Systems more than two years ago to offer a sovereign cloud for German organizations, while Microsoft launched its “cloud for sovereignty” last year.…

InfoSec News Nuggets 10/25/2023

Decentralized Matrix messaging network says it now has 115M users  The team behind the Matrix open standard and real-time communication protocol has announced the release of its second major version, bringing end-to-end encryption to group VoIP, faster loading times, and more. Additionally, the Synapse open-source Matrix homeserver's opt-in usage reporting indicates that unique matrix IDs on the public network have surpassed 115 million, indicating massive growth of the protocol. This growth is nearly doubled from its 60 million users in July 2022,…

InfoSec News Nuggets 10/24/2023

CITY OF PHILADELPHIA SUFFERS A DATA BREACH  The City of Philadelphia announced it is investigating a data breach after threat actors broke into some City email accounts containing personal and protected health information. The incident was discovered on May 24, but further investigation revealed that threat actors have had access to the compromised email accounts at least since March 2023. “On May 24, 2023, the City initially became aware of suspicious activity in…

InfoSec News Nuggets 10/23/2023

Casio discloses data breach impacting customers in 149 countries Japanese electronics manufacturer Casio disclosed a data breach impacting customers from 149 countries after hackers gained access to the servers of its ClassPad education platform. Casio detected the incident on Wednesday, October 11, following the failure of a ClassPad database within the company's development environment. Evidence suggests that the attacker accessed customers' personal information a day later, on October 12. The exposed data includes customer names, email…

InfoSec News Nuggets 10/20/2023

After X, Meta and TikTok get EU request for info on response to Israel-Hamas war  Meta and TikTok have each been sent formal requests for information by the European Union under the bloc’s Digital Services Act (DSA), the Commission said today. In recent days, EU regulators have expressed concern about illegal content and disinformation circulating on social media platforms following attacks in the Middle East and the ongoing Israel-Hamas war. Last week the Commission took the same formal…

InfoSec News Nuggets 10/19/2023

The Fake Browser Update Scam Gets a Makeover  One of the oldest malware tricks in the book — hacked websites claiming visitors need to update their Web browser before they can view any content — has roared back to life in the past few months. New research shows the attackers behind one such scheme have developed an ingenious way of keeping their malware from being taken down by security experts or law enforcement: By hosting…

InfoSec News Nuggets 10/18/2023

A surveillance tower in Mexico becomes an unsettling landmark for privacy advocates  The building will have 1,791 automated license plate readers. 3,065 pan-tilt-zoom cameras. 74 drones. Live feeds from cameras owned by neighborhood businesses and residents. Biometric filters running constantly to support facial recognition. Connections to infrastructure throughout the city. Those monitoring tools and many others will be embedded in Mexico’s Torre Centinela (Sentinel Tower), a nearly $200 million, 20-story surveillance colossus situated in Chihuahua, a…

InfoSec News Nuggets 10/17/2023

Equifax Fined $13.5 Million Over 2017 Data Breach  The British watchdog Financial Conduct Authority (FCA) on Friday announced that it has fined Equifax Ltd, the UK arm of credit reporting firm Equifax Inc, more than £11 million (approximately $13.5 million) over the massive 2017 data breach. Roughly 147 million people were impacted by the incident, including 13.8 million UK consumers, after hackers gained access to Equifax servers in the US. In 2020, the US government indicted four…

InfoSec News Nuggets 10/16/2023

California AirTag Lawsuit Widened to Include Dozens More Stalking Cases Apple is facing an expanded class action lawsuit in federal court in San Francisco by more than three dozen victims allegedly terrorized by stalkers using Apple AirTags, reports ArsTechnica. The complaint targets Apple's alleged negligence in allowing AirTags to become "one of the most dangerous and frightening technologies employed by stalkers" since they can be easily used to determine "real-time location information to track…

InfoSec News Nuggets 10/13/2023

No Fakes Act wants to protect actors and singers from unauthorized AI replicas  A bipartisan bill seeks to create a federal law to protect actors, musicians, and other performers from unauthorized digital replicas of their faces or voices. The Nurture Originals, Foster Art, and Keep Entertainment Safe Act of 2023 — or the No Fakes Act — standardizes rules around using a person’s faces, names, and voices. Sens. Chris Coons (D-DE), Marsha Blackburn (R-TN), Amy Klobuchar (D-MN),…

InfoSec News Nuggets 10/12/2023

Gen Z hackers created a sophisticated new playbook for cyberattacks  There’s a new generation of hackers in town. Brought up with digital currency, skilled at social engineering, and aided by online resources their predecessors could only dream of, young internet raiders—some still teenagers—are finding creative ways to rob some of the world’s largest firms and making off with eye-popping sums. Since late last year, more than 100 organizations, from Comcast to Clorox to Grubhub, have been…

InfoSec News Nuggets 10/11/2023

HTTP/2 Zero-Day Vulnerability Results in Record-Breaking DDoS Attacks Earlier today, Cloudflare, along with Google and Amazon AWS, disclosed the existence of a novel zero-day vulnerability dubbed the “HTTP/2 Rapid Reset” attack. This attack exploits a weakness in the HTTP/2 protocol to generate enormous, hyper-volumetric Distributed Denial of Service (DDoS) attacks. Cloudflare has mitigated a barrage of these attacks in recent months, including an attack three times larger than any previous attack we’ve observed, which exceeded 201…

InfoSec News Nuggets 10/10/2023

Hackers Join In on Israel-Hamas War With Disruptive Cyberattacks Hamas launched an unprecedented attack on Israel out of Gaza, firing thousands of rockets and sending its fighters to the southern part of the country. In response, Israel declared war on Hamas and started to retaliate. Hundreds have been killed and thousands have been wounded on both sides as a result of the conflict escalation.  In addition to the state-sponsored actors that have likely ramped up…

InfoSec News Nuggets 10/09/2023

Cisco releases urgent patch for flaw that could let hackers access Emergency Response Systems  Cisco Emergency Responder (CER), the company’s emergency communication system used to respond to crises in a timely manner, had hardcoded credentials, allowing hackers with knowledge of this fact easy access to the systems. The news was confirmed by the company itself, which recently released a new patch to address the problem. The vulnerability is tracked as CVE-2023-20101 and comes with a…

InfoSec News Nuggets 10/06/2023

Hundreds of malicious Python packages found stealing sensitive data A malicious campaign that researchers observed growing more complex over the past half year has been planting on open-source platforms hundreds of info-stealing packages that counted about 75,000 downloads. The campaign has been monitored since early April by analysts at Checkmarx's Supply Chain Security team, who discovered 272 packages with code for stealing sensitive data from targeted systems. The attack has evolved significantly since it was…

InfoSec News Nuggets 10/05/2023

Say (an encrypted) hello to a more private internet  As web users, what we say and do online is subject to pervasive surveillance. Although we typically associate online tracking with ad networks and other third-party sites, our online communications travel across commercial telecommunication networks, allowing these privileged entities to siphon the names of the websites we visit and monetize our browsing history for their own gain. Enter Encrypted Client Hello (ECH) – by encrypting that first “hello”…

InfoSec News Nuggets 10/04/2023

Motel One Discloses Ransomware Attack Impacting Customer Data Budget hotel chain Motel One Group on Monday confirmed that some customer information and credit card data was stolen in a recent ransomware attack. The hackers gained access to the hotel operator’s internal systems and attempted to deploy file-encrypting ransomware, but were only partially successful, the company claims. “Thanks to extensive measures, the impact was kept to a relative minimum. The business operation of one of Europe’s…

InfoSec News Nuggets 10/03/2023

Cybersecurity Awareness Month Celebrates 20 Years  Cybersecurity Awareness Month was founded in 2004 and this year sees the initiative celebrate 20 years of raising awareness of security issues relating to our use of technology. During the month of October, the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) partner to create resources and messaging for organizations to use when they talk with their employees, customers, and memberships about staying safe online. ‘Secure Our…

InfoSec News Nuggets 10/02/2023

Phishing, Smishing Surge Targets US Postal Service Recent weeks have witnessed a significant increase in cyber-attacks targeting the US Postal Service (USPS), mainly through phishing and smishing campaigns. The surge in these attacks has prompted DomainTools researchers to delve into their origins and implications, with findings described in an advisory published on Thursday. One smishing message raised suspicions due to its peculiar language, suggesting the involvement of a non-native English speaker or reliance on translation…

InfoSec News Nuggets 09/29/2023

Divided oversight panel recommends new limits for Section 702 searches  A key government oversight board is divided along partisan lines about placing new restrictions on a controversial foreign surveillance tool before it lapses at the end of the calendar year. The recommendations from the Privacy and Civil Liberties Oversight Board (PCLOB) could pose a new headache for the Biden administration, which desperately wants to renew the authority known as Section 702 of the Foreign Intelligence Surveillance…

InfoSec News Nuggets 09/28/2023

Valve fails to get out of paying its EU geo-blocking fine Valve has failed to convince a court that it didn't infringe EU law by geo-blocking activation keys, according to a new ruling. The company argued that, based on copyright law, publishers had the right to charge different prices for games in different countries. However, the EU General Court confirmed that its geo-blocking actions "infringed EU competition law" and that copyright law didn't apply.   Google…