31 May 2023
By Mary

InfoSec News Nuggets 05/31/2023

The Sobering Truth About Ransomware—For The 80% Who Paid Up  Newly published research of 1,200 organizations impacted by ransomware reveals a sobering truth that awaits many of those who decide to pay the ransom. According to research from data resilience specialists Veeam, some 80% of the organizations surveyed decided to pay the demanded ransom in order to both end the ongoing cyber attack and recover otherwise lost data. This despite 41% of those organizations having a “do…
Read More
30 May 2023
By Mary

InfoSec News Nuggets 05/30/2023

Emby shuts down user media servers hacked in recent attack  Emby says it remotely shut down an undisclosed number of user-hosted media server instances that were recently hacked by exploiting a previously known vulnerability and an insecure admin account configuration. "We have detected a malicious plugin on your system which has probably been installed without your knowledge. [..] For your safety we have shutdown your Emby Server as a precautionary measure," the company informed users of affected servers in…
Read More
26 May 2023
By Mary

InfoSec News Nuggets 05/26/2023

Microsoft 365 phishing attacks use encrypted RPMSG messages  Attackers are now using encrypted RPMSG attachments sent via compromised Microsoft 365 accounts to steal Microsoft credentials in targeted phishing attacks designed to evade detection by email security gateways. RPMSG files (also known as restricted permission message files) are encrypted email message attachments created using Microsoft's Rights Management Services (RMS) and offer an extra layer of protection to sensitive info by restricting access to authorized recipients. Recipients who want to read…
Read More
25 May 2023
By Mary

InfoSec News Nuggets 05/25/2023

US sanctions North Korean entities involved in cyberattacks and IT worker fraud The U.S. Treasury Department on Tuesday announced new sanctions on four entities that employ thousands of North Korean IT workers who help illicitly finance the regime's missile and weapons of mass destruction programs. North Korea maintains legions of “highly skilled” IT workers around the globe, primarily in China and Russia, who “generate revenue that contributes to its unlawful WMD and ballistic missile programs,” according…
Read More
24 May 2023
By Mary

InfoSec News Nuggets 05/24/2023

FTC Accuses Defunct Edtech Company Edmodo of Violating Kids' Privacy The Federal Trade Commission announced a proposed $6 million settlement with education technology company Edmodo Tuesday for collecting data from kids without parental consent and using it to sell ads in violation of the Children’s Online Privacy Protection Act (COPPA). The case is unusual for several reasons, including the fact that the Edmodo went out of business while the government was still investigating. The FTC is on a tear in recent months, upending the…
Read More
23 May 2023
By Mary

InfoSec News Nuggets 05/23/2023

The fax is still king in healthcare — and it’s not going away anytime soon The fax — that 1940s technology that exploded in the 1980s and operates by copying an image and transmitting it through squeaks and squawks over a phone line — is still used by a large majority of healthcare providers, insurance payers, and pharmacies. And it’s simply not going away anytime soon. As recently as 2019, seven in 10 hospitals were…
Read More
22 May 2023
By Mary

InfoSec News Nuggets 05/22/2023

Food distributor Sysco says cyberattack potentially leaked 125,000 Social Security numbers  A cyberattack on Sysco, one of the world’s largest food distributors, gave hackers access to the sensitive personal information of more than 125,000 current and former employees. In documents filed with state regulators in Maine, the company said an incident in January leaked troves of sensitive employee information. Sysco has more than 71,000 current employees, operates in over 90 countries and reported sales of more than $68…
Read More
19 May 2023
By Mary

InfoSec News Nuggets 05/19/2023

Google’s turning off third-party cookies for 1 percent of Chrome users early next year  Google has been talking about a plan for Chrome to block the third-party cookies that can track user activity across many different websites since 2020. Its stated intention at the time was to complete the shift within two years. Three years later, it hasn’t happened, as its proposals for replacement technology have been criticized by competitors and privacy advocates and scrutinized by regulators who…
Read More
18 May 2023
By Mary

InfoSec News Nuggets 05/18/2023

Capita accused of ‘unsafe storage of personal data’ following data breach  Capita, the British outsourcing company hit by a ransomware attack in March, is facing a growing list of complaints from customers following the revelation of another data breach. Colchester City Council, which contracts Capita for financial services, has accused the company of “unsafe storage of personal data” over an historical incident that predates the ransomware attack but came to light afterwards. As first reported by TechCrunch earlier this month, Capita…
Read More
17 May 2023
By Mary

InfoSec News Nuggets 05/17/2023

ChatGPT's chief to testify before Congress as concerns grow about artificial intelligence risks  The head of the artificial intelligence company that makes ChatGPT will testify before Congress as lawmakers call for new rules to guide the rapid development of AI technology. OpenAI CEO Sam Altman is scheduled to speak at a Senate hearing Tuesday. His San Francisco-based startup rocketed to public attention after its release late last year of ChatGPT, a free chatbot tool that answers questions with convincingly…
Read More
16 May 2023
By Mary

InfoSec News Nuggets 05/16/2023

Airline exposes passenger info to others due to a 'technical error'  airBaltic, Latvia's flag carrier has acknowledged that a 'technical error' exposed reservation details of some of its passengers to other airBaltic passengers. Passengers also reported receiving unexpected emails which addressed them by the name of another customer. The Riga-based airline, incorporated as AS Air Baltic Corporation operates flights to 80 destinations and is 97% government-owned. Although the air carrier says the leak impacts a small percentage of its customers…
Read More
15 May 2023
By Mary

InfoSec News Nuggets 05/15/2023

Brightly says SchoolDude data breach spilled 3 million user accounts  Software maker Brightly has confirmed that hackers stole close to three million SchoolDude user accounts in an April data breach. SchoolDude is a cloud-based work order management system, used primarily by schools and universities, to submit and track maintenance orders. Its users are school employees, like principals, executives and maintenance workers, as well as students and other staff submitting repair requests. In a data breach notice filed with the Maine attorney general’s…
Read More
12 May 2023
By Mary

InfoSec News Nuggets 05/12/2023

Australian software giant won’t say if customers affected by hack  Australian enterprise software company TechnologyOne has halted trading after confirming it was hit by a cyberattack. In a stock exchange filing on Wednesday, the Brisbane-based software maker said it had detected that “an unauthorized third-party acted illegally to access its internal Microsoft 365 back-office system.” TechnologyOne said the company’s customer-facing platform is not connected to the affected Microsoft 365 system and “therefore has not been impacted,” but when reached, the company would…
Read More
11 May 2023
By Mary

InfoSec News Nuggets 05/11/2023

Hackers attempt to extort Dragos and its executives in suspected ransomware attempt  Unknown hackers attempted to infiltrate Dragos, one of the leading industrial cybersecurity firms that works with government agencies and utilities globally, in a unsuccessful campaign that targeted the company’s executives and their family members, the firm said on Wednesday. “We are confident that our layered security controls prevented the threat actor from accomplishing what we believe to be their primary objective of launching ransomware,”…
Read More
10 May 2023
By Mary

InfoSec News Nuggets 05/10/2023

US authorities seize more domains linked to prolific DDoS-for-hire websites  U.S. authorities have seized 13 more domains linked to some of the world’s most popular DDoS-for-hire websites. These websites, also described as “booter” or “stressor” services, are marketed as legitimate security testing tools that allow admins to stress-test websites. In reality, the services are used for launching denial-of-service (DDoS) attacks designed to overwhelm websites and networks and force them offline. The DOJ announced on Monday that the FBI had…
Read More
09 May 2023
By Mary

InfoSec News Nuggets 05/09/2023

WhatsApp could disappear from UK over privacy concerns, ministers told  The UK government risks sleepwalking into a confrontation with WhatsApp that could lead to the messaging app disappearing from Britain, ministers have been warned, with options for an amicable resolution fast running out. At the centre of the row is the online safety bill, a vast piece of legislation that will touch on almost every aspect of online life in Britain. More than four years in the making, with eight…
Read More
05 May 2023
By Mary

InfoSec News Nuggets 05/05/2023

Microsoft Is Ending Windows 10 Updates  Microsoft is finished with major updates to Windows 10, the tech giant said in a blog post Thursday. Windows 10 version 22H2 is the current and final version of the operating system, though Microsoft said it will continue to release monthly security updates for all Windows 10 editions until it reaches end of support on Oct. 14, 2025. Existing long-term servicing channel, or LTSC, releases will still receive updates beyond that end…
Read More
04 May 2023
By Mary

InfoSec News Nuggets 05/04/2023

Apple and Google Join Forces to Stop Unauthorized Tracking Alert System  Apple and Google have teamed up to work on a draft industry-wide specification that's designed to tackle safety risks and alert users when they are being tracked without their knowledge or permission using devices like AirTags. "The first-of-its-kind specification will allow Bluetooth location-tracking devices to be compatible with unauthorized tracking detection and alerts across Android and iOS platforms," the companies said in a joint statement. While these trackers…
Read More
03 May 2023
By Mary

InfoSec News Nuggets 05/03/2023

Western Digital hackers publish leaked images to taunt storage giant Hackers that breached Western Digital(opens in new tab)’s (WD) systems and stole sensitive data in late March 2023 have posted a series of screenshots of internal emails and other company communication which they say shows WD’s poor efforts to address the incident. Cybersecurity researcher Dominic Alvieri discovered a total of 29 screenshots showing emails, documents, and video conferences, all related to the actions WD took following the…
Read More
02 May 2023
By Mary

InfoSec News Nuggets 05/02/2023

Hackers leak images to taunt Western Digital's cyberattack response The ALPHV ransomware operation, aka BlackCat, has published screenshots of internal emails and video conferences stolen from Western Digital, indicating they likely had continued access to the company's systems even as the company responded to the breach. The leak comes after the threat actor warned Western Digital on April 17th that they would hurt them until they "cannot stand anymore" if a ransom was not paid.…
Read More
01 May 2023
By Mary

InfoSec News Nuggets 05/01/2023

Many Public Salesforce Sites are Leaking Private Data  A shocking number of organizations — including banks and healthcare providers — are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. The data exposures all stem from a misconfiguration in Salesforce Community that allows an unauthenticated user to access records that should only be available after logging in. Salesforce Community is a widely-used cloud-based software product that makes it easy for organizations to…
Read More
28 Apr 2023
By Mary

InfoSec News Nuggets 04/28/2023

Continuous Scanning Is Imperative for Effective Web Application Security Software moves fast. With so many Web applications and APIs being built and modified in increasingly complex IT environments, securing your attack surface — which can change hourly or multiple times a day — is a challenge. Traditional approaches to security, like one-off tests or periodic scans, are no longer enough to get the job done and done well. Attackers are zeroing in on these apps…
Read More
27 Apr 2023
By Mary

InfoSec News Nuggets 04/27/2023

Metaverse Version of the Dark Web Could be Nearly Impenetrable As the metaverse takes shape over the coming years, many of the security issues afflicting cyberspace will begin to spill over into virtual space as well. One of the biggest of these threats will be the emergence of a new "darkverse," where criminals will be able to operate with greater impunity and more dangerously than they are able to do now on the Dark Web,…
Read More
26 Apr 2023
By Mary

InfoSec News Nuggets 04/26/2023

Security Failures At TikTok’s Virginia Data Centers: Unescorted Visitors, Mystery Flash Drives And Illicit Crypto Mining  For years, TikTok has told lawmakers that the private data of its U.S. users is secured — and safe from potential influence or exfiltration — in a cluster of data centers located in Northern Virginia. But interviews with seven current and former employees and more than 60 documents, photos and videos from the data centers reveal that the centers have faced…
Read More
25 Apr 2023
By Mary

InfoSec News Nuggets 04/25/2023

IT staffers would help colleagues avoid monitoring software The use of invasive monitoring software that tracks employee productivity is unlikely to be popular with workers — and it turns out IT staffers aren’t keen on deploying the technology either. In fact, many IT workers are apparently willing to defy company policy and help colleagues find workarounds to avoid being spied on by the boss. That’s according to a survey of 500 IT managers and 500 non-manager IT workers…
Read More
24 Apr 2023
By Mary

InfoSec News Nuggets 04/24/2023

Microsoft has a new way of naming security threats Microsoft is banking on our human obsession with the weather to help make identifying security threats easier with a shakeup(opens in new tab) to its taxonomy. As of April 2023, Microsoft will now be using weather events to help identify threats across five key groups, including financially motivated, private sector offensive actors (PSOAs), influence operations, groups in development, and finally nation states. The company hopes that…
Read More
20 Apr 2023
By Mary

InfoSec News Nuggets 04/20/2023

The Car Thieves Using Tech Disguised Inside Old Nokia Phones and Bluetooth Speakers  A man sitting in the driver’s seat of a Toyota is repeatedly tapping a button next to the steering wheel. A red light flashes—no luck, the engine won’t start. He doesn’t have the key. In response, the man pulls up an usual tool: a Nokia 3310 phone. The man plugs the phone into the car using a black cable. He then flicks through…
Read More
19 Apr 2023
By Mary

InfoSec News Nuggets 04/19/2023

This ATM Scam Is Masquerading As an Act of Kindness  Taking money out of an ATM can be a fairly nerve-wracking thing to do depending on where you are and what time of the day or night it is. Having someone show you any kind of altruistic behavior, like letting you know you dropped some cash on the floor, can lower your defenses and give you hope that the universe is not out to get you. Except…
Read More
18 Apr 2023
By Mary

InfoSec News Nuggets 04/18/2023

Payments Giant NCR Hit by Ransomware  NCR first reported investigating an “issue” related to its Aloha restaurant point-of-sale (PoS) product on April 12. On April 15, the company said a limited number of ancillary Aloha applications for a subset of its hospitality customers had been impacted by an outage at a single data center. “On April 13, we confirmed that the outage was the result of a ransomware incident. Immediately upon discovering this development we began…
Read More
17 Apr 2023
By Mary

InfoSec News Nuggets 04/17/2023

TikTok ban gets final approval by Montana's GOP legislature  Montana's House gave final passage Friday to a bill banning the social media app TikTok from operating in the state, a move that's bound to face legal challenges but also serve as a testing ground for the TikTok-free America many national lawmakers envision due to concerns over potential Chinese spying. The House voted 54-43 in favor of the measure, which would make Montana the first state with a total…
Read More
14 Apr 2023
By Mary

InfoSec News Nuggets 04/14/2023

Leaker of U.S. secret documents worked on military base, friend says  The man behind a massive leak of U.S. government secrets that has exposed spying on allies, revealed the grim prospects for Ukraine’s war with Russia and ignited diplomatic fires for the White House is a young, charismatic gun enthusiast who shared highly classified documents with a group of far-flung acquaintances searching for companionship amid the isolation of the pandemic. United by their mutual love of guns, military gear and…
Read More
13 Apr 2023
By Mary

InfoSec News Nuggets 04/13/2023

Hyundai data breach exposes owner details in France and Italy  Hyundai has disclosed a data breach impacting Italian and French car owners and those who booked a test drive, warning that hackers gained access to personal data. Hyundai is a multinational automotive manufacturer selling over half a million vehicles per year in Europe, with a market share of roughly 3% in France and Italy. Hyundai says they engaged IT experts in response to the incident, who have…
Read More
12 Apr 2023
By Mary

InfoSec News Nuggets 04/12/2023

Did someone really hack into the Oldsmar, Florida, water treatment plant? New details suggest maybe not.  It was the kind of doomsday scenario cybersecurity experts had been warning about for years: hackers infiltrate a small water utility and try to poison the local population. And that’s exactly what appeared to happen in February 2021 in Oldsmar, Florida. News of hackers remotely tampering with levels of lye at the local water treatment facility alarmed officials, shocked the…
Read More
11 Apr 2023
By Mary

InfoSec News Nuggets 04/11/2023

KFC, Pizza Hut owner discloses data breach after ransomware attack  Yum! Brands, the brand owner of the KFC, Pizza Hut, and Taco Bell fast food chains, is now sending data breach notification letters to an undisclosed number of individuals whose personal information was stolen in a January 13 ransomware attack. This comes after the company said that although some data was stolen from its network, it has no evidence that the attackers exfiltrated any customer information. In…
Read More
10 Apr 2023
By Mary

InfoSec News Nuggets 04/10/2023

Apple fixes two zero-days exploited to hack iPhones and Macs  Apple has released emergency security updates to address two new zero-day vulnerabilities exploited in attacks to compromise iPhones, Macs, and iPads. "Apple is aware of a report that this issue may have been actively exploited," the company said when describing the issues in security advisories published on Friday. The first security flaw (tracked as CVE-2023-28206) is an IOSurfaceAccelerator out-of-bounds write that could lead to corruption of data, a crash, or code execution.   …
Read More
07 Apr 2023
By Mary

InfoSec News Nuggets 04/07/2023

The Pope's Security Gets a Boost With Vatican's MDM Move  The world's smallest and most antiquated army is taking a step towards modernizing its cyber defenses. Just ahead of the pre-Easter Holy Week for Catholics, Samsung announced that the Pontifical Swiss Guard (GSP) — the elite security force charged with protecting the Vatican and the Pope — is adopting the Knox Suite, a bundle of services for managing and securing mobile devices.    Adobe Reset User Passwords as…
Read More
06 Apr 2023
By Mary

InfoSec News Nuggets 04/06/2023

Hackers posed as reporters in attacks on North Korea experts, Google says  Government-backed hackers allegedly connected to the North Korean military targeted people with expertise in North Korea policy issues by posing as journalists, according to a new report. Researchers from Google’s Threat Analysis Group (TAG) released the report Wednesday as a follow-up to one published last week by cybersecurity firm Mandiant — which is owned by Google. Mandiant’s report highlighted the work of APT43, a group of…
Read More
05 Apr 2023
By Mary

InfoSec News Nuggets 04/05/2023

‘Smart’ tech is being weaponised by domestic abusers, and women are experiencing the worst of it  Readers may be familiar with the famous Dolly Parton line “It costs a lot of money to look this cheap”. I like to paraphrase it. If I have a guest at my home, I’ll sweep my hand across the room and say: “Friend, it took a lot of learning to live this dumb.” No, I’m not talking about learning to wear…
Read More
04 Apr 2023
By Mary

InfoSec News Nuggets 04/04/2023

IRS System Doesn’t Meet All Cloud Security Requirements, Watchdog Says  The IRS’s Enterprise Case Management System did not always meet established cloud security requirements, the Treasury Department’s Inspector General found. In a new report, the IG found the IRS did not meet every agency guideline for cloud operations, despite running the ECM system—a hybrid cloud system aimed at modernizing and consolidating the IRS’s legacy case management system—under the agency’s cloud authorization. The system “processes and stores sensitive…
Read More
03 Apr 2023
By Mary

InfoSec News Nuggets 04/03/2023

Italian regulators order ChatGPT ban over alleged violation of data privacy laws  Italy’s national privacy regulator has ordered an effective ban of AI chatbot ChatGPT, accusing creators OpenAI of “unlawful collection of personal data.” It’s ordered OpenAI to stop collecting Italian users’ data immediately until it amends its data collection practices. The country’s Data Protection Authority, the GPDP, issued a press release this morning saying that the company lacks lawful justification for the collection of users’ personal information. The GPDP says that OpenAI also has no mechanism in place…
Read More
31 Mar 2023
By Mary

InfoSec News Nuggets 03/31/2023

Pro-Russian hackers target elected US officials supporting Ukraine  Threat actors aligned with Russia and Belarus are targeting elected US officials supporting Ukraine, using attacks that attempt to compromise their email accounts, researchers from security firm Proofpoint said. The campaign, which also targets officials of European nations, uses malicious JavaScript that’s customized for individual webmail portals belonging to various NATO-aligned organizations, a report Proofpoint published Thursday said. The threat actor—which Proofpoint has tracked since 2021 under the name…
Read More
30 Mar 2023
By Mary

InfoSec News Nuggets 03/30/2023

WiFi protocol flaw allows attackers to hijack network traffic Cybersecurity researchers have discovered a fundamental security flaw in the design of the IEEE 802.11 WiFi protocol standard, allowing attackers to trick access points into leaking network frames in plaintext form. WiFi frames are data containers consisting of a header, data payload, and trailer, which include information such as the source and destination MAC address, control, and management data. These frames are ordered in queues and…
Read More
29 Mar 2023
By Mary

InfoSec News Nuggets 03/29/2023

Tech Press Slowly Figuring Out That Banning TikTok Doesn’t Fix The Actual Problem  The great TikTok moral panic of 2023 is largely a distraction. It’s a distraction from the fact we’ve refused to meaningfully regulate dodgy data brokers, who traffic in everything from your daily movement habits to your mental health diagnosis. And it’s a distraction from our corrupt failure to pass even a baseline privacy law for the internet era. Until the last few weeks, that’s been an oddly…
Read More
28 Mar 2023
By Mary

InfoSec News Nuggets 03/28/2023

Android app from China executed 0-day exploit on millions of devices  Android apps digitally signed by China’s third-biggest e-commerce company exploited a zero-day vulnerability that allowed them to surreptitiously take control of millions of end-user devices to steal personal data and install malicious apps, researchers from security firm Lookout have confirmed. The malicious versions of the Pinduoduo app were available in third-party markets, which users in China and elsewhere rely on because the official Google Play market is…
Read More
24 Mar 2023
By Mary

InfoSec News Nuggets 03/24/2023

Operation Soft Cell: Chinese Hackers Breach Middle East Telecom Providers Telecommunication providers in the Middle East are the subject of new cyber attacks that commenced in the first quarter of 2023. The intrusion set has been attributed to a Chinese cyber espionage actor associated with a long-running campaign dubbed Operation Soft Cell based on tooling overlaps. "The initial attack phase involves infiltrating Internet-facing Microsoft Exchange servers to deploy web shells used for command execution," researchers from SentinelOne…
Read More
23 Mar 2023
By Mary

InfoSec News Nuggets 03/23/2023

North Korean hackers using Chrome extensions to steal Gmail emails A joint cybersecurity advisory from the German Federal Office for the Protection of the Constitution (BfV) and the National Intelligence Service of the Republic of Korea (NIS) warn about Kimsuky's use of Chrome extensions to steal target's Gmail emails. Kimsuky (aka Thallium, Velvet Chollima) is a North Korean threat group that uses spear phishing to conduct cyber-espionage against diplomats, journalists, government agencies, university professors, and politicians. Initially…
Read More
22 Mar 2023
By Mary

InfoSec News Nuggets 03/22/2023

Hacker tied to D.C. Health Link breach says attack ‘born out of Russian patriotism’ The data beach that has exposed sensitive health care information of nearly two dozen members of Congress and their families — putting them along with tens of thousands of Washington area residents at risk of identity theft and additional cyberattacks — is apparently the work of a patriotic Russian hacker seeking to inflict damage on U.S. politicians. In an online conversation…
Read More
21 Mar 2023
By Mary

InfoSec News Nuggets 03/21/2023

Hackers can hijack Samsung and Pixel phones by knowing phone number Google Pixel and Samsung phone owners should be cautious, as Google’s bug-hunting team, Project Zero, has discovered as many as 18 security vulnerabilities impacting Exynos modems. Reportedly, these vulnerabilities, if combined, can allow an adversary to gain complete control over a smartphone without alerting the user. In addition, wearable devices using the Exynos W20 chipset, such as Galaxy Watch 4 and 5, and vehicles…
Read More
20 Mar 2023
By Mary

InfoSec News Nuggets 03/20/2023

John Deere urged to surrender source code under GPL The Software Freedom Conservancy (SFC) has called upon farm equipment maker John Deere to comply with its obligations under the General Public License (GPL), which requires users of such software to share source code. In a blog post published on Thursday, SFC director of compliance Denver Gingerich argues that farmers' ability to repair their tools is now in jeopardy because the makers of those tools have used GPL-covered…
Read More
17 Mar 2023
By Mary

InfoSec News Nuggets 03/17/2023

Apple is reportedly experimenting with language-generating AI If not for last week’s Silicon Valley Bank (SVB) collapse almost every conversation in tech seems to be centered around AI and chatbots. In the last few days, Microsoft-backed OpenAI released a new language model called GPT-4. Its competitor Anthropic released the Claude chatbot. Google said that it is integrating AI into its Workspace tools like Gmail and Docs. Microsoft Bing has brought attention to itself with a chatbot-enabled search. The one name missing from…
Read More