InfoSec News Nuggets 12/30/2024

Emerging Threats & Vulnerabilities to Prepare for in 2025 In 2024, we at Dark Reading covered a variety of attacks, exploits, and, of course, vulnerabilities across the board. Here, we recount 10 emerging threats organizations should be prepared for — as detailed by Dr. Jason Clark in "10 Emerging Vulnerabilities Every Enterprise Should Know," a Dark Reading webinar — as they continuously rise and develop in 2025. Zero-days and their increase in volume across the…

InfoSec News Nuggets 12/26/2024

The Breachies 2024: The Worst, Weirdest, Most Impactful Data Breaches of the Year Every year, countless emails hit our inboxes telling us that our personal information was accessed, shared, or stolen in a data breach. In many cases, there is little we can do. Most of us can assume that at least our phone numbers, emails, addresses, credit card numbers, and social security numbers are all available somewhere on the internet. But some of these data breaches are more…

InfoSec News Nuggets 12/24/2024

Suspected LockBit dev, facing US extradition, 'did it for the money' An alleged LockBit ransomware developer is in custody in Israel and awaiting extradition to the United States. Israeli law enforcement arrested Rostislav Panev, 51, a dual Russian and Israeli national, in August at the request of the US. Panev faces 41 counts, including computer-related extortion, conspiracy to commit fraud, conspiracy to commit wire fraud, and intentional damage to a protected computer, according to a…

InfoSec News Nuggets 12/23/2024

China 'compromised' Canadian government networks and stole valuable info: spy agency Threat actors sponsored by China "compromised" Canadian government networks over the past five years and collected valuable information, says a new report from Canada's cyber spy agency. The Communications Security Establishment, responsible for foreign signals intelligence, cyber operations and cyber security, released its updated national cyber threat assessment on Wednesday. The assessment flags threats the agency sees as the most pressing ones facing individuals and…

InfoSec News Nuggets 12/20/2024

Don't fall for a mail asking for rapid Docusign action – it may be an Azure account hijack phish Unknown criminals went on a phishing expedition that targeted about 20,000 users across the automotive, chemical and industrial compound manufacturing sectors in Europe, and tried to steal account credentials and then hijack the victims' Microsoft Azure cloud infrastructure. After taking over victims' accounts, the miscreants signed into new devices using stolen creds so they could maintain…

InfoSec News Nuggets 12/19/2024

Man Accused of SQL Injection Hacking Gets 69-Month Prison Sentence The US Justice Department has announced the sentencing of 32-year-old Vitalii Antonenko, a man accused of hacking, credit card theft, and money laundering.  Antonenko, a resident of New York City, was arrested in March 2019 after returning from Ukraine. An indictment accusing him of participating in a cybercrime scheme was announced one year later.  The man pleaded guilty to conspiracy to engage in computer hacking, money laundering, and trafficking…

InfoSec News Nuggets 12/18/2024

Serbia: Authorities using spyware and Cellebrite forensic extraction tools to hack journalists and activists Serbian police and intelligence authorities are using advanced phone spyware alongside mobile phone forensic products to unlawfully target journalists, environmental activists and other individuals in a covert surveillance campaign, a new Amnesty International report has revealed.  The report, “A Digital Prison”: Surveillance and the Suppression of Civil Society in Serbia, documents how mobile forensic products made by Israeli company Cellebrite are being used…

InfoSec News Nuggets 12/16/2024

Data breach at Senior Dating website spills info of 765,000 users A database belonging to matchmaking site, Senior Dating, has been discovered on data leak site Have I Been Pwned (HIBP). The database contains the personally identifiable information of 765,517 users, and the site has since been shut down entirely. The compromised data breach stems from a Google-backed web development platform, Firebase. Another dating site with the same owner, Ladies.com, suffered a similar breach, with 118,809 users exposed.…

InfoSec News Nuggets 12/13/2024

Senators, witnesses: $3B for ‘rip and replace’ a good start to preventing Salt Typhoon-style breaches The $3 billion that Congress folded into the annual defense policy bill to remove Chinese-made telecommunications technology from U.S. networks would be a huge start to defending against breaches like the Salt Typhoon espionage campaign, senators and hearing witnesses said Wednesday. Federal Communications Commission Chairwoman Jessica Rosenworcel recently told Hill leaders that the $1.9 billion Congress had devoted to the “rip and…

InfoSec News Nuggets 12/12/2024

Top Mexican fintech firm leaks details on 1.6 million customers A Mexican fintech startup has been found holding a large database full of sensitive customer data wide open on the internet, available for anyone who knows where to look. Security researchers from Cybernews found the database in early September 2024 after a routine investigation of publicly available indexes. The database, belonging to a company called Kapital, contained sensitive data on 1.6 million Mexicans, including voter IDs and…

InfoSec News Nuggets 12/11/2024

Russia disrupts internet access in multiple regions to test ‘sovereign internet’ Residents of several Russian regions experienced internet disruptions over the weekend as local authorities attempted to disconnect them from the global network and test the country’s so-called “sovereign internet” infrastructure. According to a report by the U.S. nonprofit Institute for the Study of War (ISW), these trials mostly affected Russian regions populated by ethnic minorities, including Chechnya, Dagestan and Ingushetia. Data from the internet watchdog NetBlocks…

InfoSec News Nuggets 12/10/2024

Apple sued for allegedly harboring child sexual abuse material on iCloud A lawsuit was filed against Apple this weekend, accusing the company of knowingly allowing its iCloud storage service to be used for storing child sexual abuse material (CSAM). The suit, filed on behalf of thousands of victims of child sexual abuse, alleges Apple's inaction has caused further harm to victims. The victim, a 27-year-old woman, filed the lawsuit after enduring abuse that began in…

InfoSec News Nuggets 12/09/2024

Recently Charged Scattered Spider Suspect Did Poor Job at Covering Tracks A 19-year-old from California has been charged over his alleged role in Scattered Spider attacks, and court documents show that he did a poor job at covering his tracks. Bloomberg [paywalled article] reported that the teen, Remington Ogletree, was arrested last month and released on bail. According to court documents, Ogletree conducted cybercriminal activities between at least October 2023 and May 2024. He has been…

InfoSec News Nuggets 12/05/2024

U.S. Offered $10M for Hacker Just Arrested by Russia In January 2022, KrebsOnSecurity identified a Russian man named Mikhail Matveev as “Wazawaka,” a cybercriminal who was deeply involved in the formation and operation of multiple ransomware groups. The U.S. government indicted Matveev as a top ransomware purveyor a year later, offering $10 million for information leading to his arrest. Last week, the Russian government reportedly arrested Matveev and charged him with creating malware used to extort companies.…

InfoSec News Nuggets 12/04/2024

US agency proposes new rule blocking data brokers from selling Americans’ sensitive personal data The Consumer Financial Protection Bureau (CFPB) has proposed a new rule that would block data brokers from selling personal and financial information on Americans, including their Social Security numbers and phone numbers, under the Fair Credit Reporting Act (FCRA).  In proposing the new rules, months after President Biden signed an executive order to curb the sale of Americans’ private data, the U.S. consumer…

InfoSec News Nuggets 12/03/2024

Hackers claim to have cracked Microsoft's software licensing protection almost entirely A team of hackers claim that they have cracked "almost the entire Windows / Office software licensing protection". The breakthrough allows them to activate "almost any version of Windows and Office" permanently. Windows and Office installations require activation. This may happen behind the scene or when users enter product keys. Workarounds and hacks have been available for a long time. One popular choice requires…

InfoSec News Nuggets 12/02/2024

Police bust pirate streaming service making €250 million per month An international law enforcement operation has dismantled a pirate streaming service that served over 22 million users worldwide and made €250 million ($263M) per month. Italy's Postal and Cybersecurity Police Service announced the action, codenamed "Taken Down," stating they worked with Eurojust, Europol, and many other European countries, making this the largest takedown of its kind in Italy and internationally. "More than 270 Postal Police officers, in…

InfoSec News Nuggets 11/27/2024

US government agencies told to patch these critical security flaws or face attack The US Cybersecurity and Infrastructure Security Agency (CISA) has added a new critical vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning federal agencies they have a three-week deadline to apply the available patch, or stop using the affected software altogether. The agency added a missing authentication vulnerability to KEV tracked under CVE-2023-28461, which has a severity score of 9.8, and allows…

InfoSec News Nuggets 11/26/2024

7-Zip affected by dangerous vulnerability: users must update the app manually The popular file compression program 7-Zip is currently affected by a high-severity vulnerability that allows attackers to execute code on the victim’s machines, Trend Micro’s Zero Day Initiative (ZDI) has disclosed. The flaw has a severity score of 7.8 out of 10, and it affects all 7-Zip versions prior to 24.07. It was released on June 19th, 2024, and the current version is 24.08.…

InfoSec News Nuggets 11/25/2024

Now Online Safety Act is law, UK has 'priorities' – but still won't explain 'spy clause' The UK government has set out plans detailing how it will use the new law it has created to control online platforms and social media – with one telling exception. The Draft Statement of Strategic Priorities for online safety places an emphasis on platform providers preventing online harms in the first place, and collaborating with regulator Ofcom on how the new…

InfoSec News Nuggets 11/22/2024

Now Online Safety Act is law, UK has 'priorities' – but still won't explain 'spy clause' The UK government has set out plans detailing how it will use the new law it has created to control online platforms and social media – with one telling exception. The Draft Statement of Strategic Priorities for online safety places an emphasis on platform providers preventing online harms in the first place, and collaborating with regulator Ofcom on how the new…

InfoSec News Nuggets 11/21/2024

Fake Discount Sites Exploit Black Friday to Hijack Shopper Information A new phishing campaign is targeting e-commerce shoppers in Europe and the United States with bogus pages that mimic legitimate brands with the goal of stealing their personal information ahead of the Black Friday shopping season. "The campaign leveraged the heightened online shopping activity in November, the peak season for Black Friday discounts. The threat actor used fake discounted products as phishing lures to deceive…

InfoSec News Nuggets 11/20/2024

300 Drinking Water Systems in US Exposed to Disruptive, Damaging Hacker Attacks Over 300 drinking water systems that serve roughly 110 million people in the US are affected by vulnerabilities that could lead to service disruptions, a new report from the Environmental Protection Agency (EPA)’s Office of Inspector General (OIG) shows. A passive assessment of security defects in 1,062 drinking water systems that serve over 193 million individuals has revealed that a quarter of them…

InfoSec News Nuggets 11/19/2024

Porch pirates appear to be accessing AT&T data to track iPhone deliveries A new report today suggests that porch pirates – thieves who steal packages left on doorsteps shortly after delivery – have accessed tracking data from AT&T systems to follow iPhone deliveries. There has been a marked uptick in iPhones being stolen from doorsteps after being ordered from AT&T and delivered by Fedex, apparently with the help of real-time delivery updates.

Phobos Ransomware Administrator Extradited from South…

InfoSec News Nuggets 11/18/2024

Hackers now sending physical malicious letters, Swiss authorities warn Is there anything threat actors won’t do to gain initial access? Swiss authorities are warning about a new sophisticated cybersecurity threat – malicious counterfeit letters. Cyber bandits have launched a malicious campaign across Switzerland using counterfeit letters that appear to be from MeteoSwiss (the Federal Office of Meteorology and Climatology). The victims report that the letters contain a QR code asking recipients to download a new…

InfoSec News Nuggets 11/15/2024

Chinese national faces 20 years in US prison for laundering pig-butchering proceeds One of the ringleaders of a scheme to launder millions stolen through cryptocurrency investment scams pleaded guilty in a California courtroom on Tuesday. Daren Li, 41, faces up to 20 years in prison for taking part in an operation that laundered more than $73 million stolen from people duped by so-called “pig-butchering” scams. Pig butchering typically involves a scammer forming a relationship with a…

InfoSec News Nuggets 11/14/2024

Our heat map shows sectors with $7.1 trillion in debt face heightened cyber risk Cyber risk in the telecommunications, airlines, and power generation industries shifts to the highest level in our latest cyber heat map. Numerous other sectors, including manufacturing, education, medical products, mass transit, and ports, also show more acute risk than in our 2022 heat map, either due to rising exposure or weaker oversight than in other industries. Together, these sectors account for…

InfoSec News Nuggets 11/11/2024

FBI says hackers are sending fraudulent police data requests to tech giants to steal people’s private information  The FBI is warning that hackers are obtaining private user information — including emails and phone numbers — from U.S.-based tech companies by compromising government and police email addresses to submit “emergency” data requests. The FBI’s public notice filed this week is a rare admission from the federal government about the threat from fraudulent emergency data requests, a legal process designed…

InfoSec News Nuggets 11/08/2024

Roblox is banning kids from ‘social hangout’ spaces  Roblox is going to block kids from accessing certain types of experiences following reports alleging that the platform has enabled child abuse. One new measure will stop kids under 13 from accessing experiences with “certain types of interactive features,” Roblox says in a post on its developer forum. Those include “social hangouts,” where the primary purpose is to communicate with others over text or voice chat, and “free-form 2D…

InfoSec News Nuggets 11/07/2024

Warning: Hackers could take over your email account by stealing cookies, even if you have MFA  The Federal Bureau of Investigation (FBI) has issued a warning that cybercriminals are taking over email accounts via stolen session cookies, allowing them to bypass the multi-factor authentication (MFA) a user has set up. Here’s how it works. Most of us don’t think twice about checking the “Remember me” box when we log in. When you log in and the server has verified…

InfoSec News Nuggets 11/06/2024

Cisco notifies ‘limited set’ of customers after hacker accessed non-public files  Cisco said it has notified a limited set of customers about files that were accessed by a hacker during an incident announced in October. The tech giant has repeatedly denied that it suffered a breach but said on October 18 its investigation into the incident revealed that a threat actor downloaded data on a public-facing DevHub environment — a platform the company uses to make software code, scripts and…

InfoSec News Nuggets 11/05/2024

Chinese APTs Cash In on Years of Edge Device Attacks  Chinese threat actors are operating at a higher level today than ever before, thanks to years of trial-and-error-style attacks against mass numbers of edge devices. Networking devices are a known favorite of China's advanced persistent threats (APT), and why wouldn't they be? Sitting on the outer banks of an enterprise network, they not only allow threat actors a way in, they also double as useful nodes for…

InfoSec News Nuggets 11/04/2024

Microsoft Delays Windows Copilot+ Recall Release Over Privacy Concerns  Microsoft is further delaying the release of its controversial Recall feature for Windows Copilot+ PCs, stating it's taking the time to improve the experience. The development was first reported by The Verge. The artificial intelligence-powered tool was initially slated for a preview release starting in October. "We are committed to delivering a secure and trusted experience with Recall," the company said in an updated statement released Thursday. "To ensure we deliver on these…

InfoSec News Nuggets 10/31/2024

Security flaws found in all Nvidia GeForce GPUs. Update drivers ASAP! Graphics card manufacturer Nvidia is currently issuing a warning to all owners of GeForce GPUs. According to an , several security vulnerabilities requiring urgent attention have been discovered in the company’s own display drivers and other software. A total of eight vulnerabilities are listed, all of them with a “High” severity rating. If you have an Nvidia GeForce GPU, you need to act now.  …

InfoSec News Nuggets 10/30/2024

Meta is reportedly working on its own AI-powered search engine, too Meta is working on an AI-powered search engine to decrease its dependence on Google and Microsoft, according to a report from The Information. The search engine would reportedly provide AI-generated search summaries of current events within the Meta AI chatbot. The Meta AI bot built into Instagram and Facebook currently uses Google — whose parent company, Alphabet, will report quarterly earnings tomorrow — and Microsoft Bing…

InfoSec News Nuggets 10/29/2024

Study shows that LLMs could maliciously be used to poison biomedical knowledge graphs In recent years, medical researchers have devised various new techniques that can help them to organize and analyze large amounts of research data, uncovering links between different variables (e.g., diseases, drugs, proteins, etc.). One of these methods entails building so-called biomedical knowledge graphs (KGs), which are structured representations of biomedical datasets.

Throne’s toilet camera takes pictures of your poop Throne is an…

InfoSec News Nuggets 10/28/2024

Apple Intelligence bug bounty invites researchers to test its privacy claims Apple is inviting investigations into the Private Cloud Compute (PCC) system that powers more computationally intensive Apple Intelligence requests. The company is also expanding its bug bounty program to offer payouts of up to $1,000,000 for people who discover PCC vulnerabilities. The company has boasted about how many AI features (branded as Apple Intelligence) will run on-device without leaving your Mac, iPhone, or other Apple hardware.…

InfoSec News Nuggets 10/25/2024

Millions affected in major health data breach caused by a missing password Researchers from Cybernews have reported finding a huge database containing sensitive customer information from the Mexican healthcare sector left unprotected online. The team discovered a misconfigured Kibana instance with a “tremendous volume” of information, later attributed to eCaresoft, a software company behind two cloud-based Hospital Information Systems - Cirrus and Anytime. These platforms are used by more than 65 hospitals, 110 outpatient care centers, and…

InfoSec News Nuggets 10/24/2024

AI-Powered Attacks Flood Retail Websites Retailers experienced over half a million (569,884) AI-driven attacks per day according to a recent six-month analysis by cybersecurity firm Imperva. These attacks originate from AI tools like ChatGPT, Claude, and Gemini, alongside specialized bots that are designed to scrape websites for LLM training data. The Thales-owned firm observed a range of AI-driven threats, including bots, distributed denial of service (DDoS) attacks, API violations, and business logic abuse.

The Global Surveillance Free-for-All…

InfoSec News Nuggets 10/23/2024

Europe launches ‘gait recognition’ pilot program to monitor border crossings A European Commission-funded biometric “gait recognition” program to study how to more easily identify people crossing the European Union’s external borders by examining their unique walking styles kicked off Thursday. The initiative, dubbed the PopEye Project, is supported by a €3.2 million ($3.5 million) grant that covers a three-year pilot testing the technology, according to TechTransfer, a program at the Vrije Universiteit Brussels and a partner on…

InfoSec News Nuggets 10/22/2024

Bumblebee and Latrodectus Malware Return with Sophisticated Phishing Strategies  Two malware families that suffered setbacks in the aftermath of a coordinated law enforcement operation called Endgame have resurfaced as part of new phishing campaigns. Bumblebee and Latrodectus, which are both malware loaders, are designed to steal personal data, along with downloading and executing additional payloads onto compromised hosts. Tracked under the names BlackWidow, IceNova, Lotus, or Unidentified 111, Latrodectus, is also considered to be a successor to IcedID owing to infrastructure overlaps between the two…

InfoSec News Nuggets 10/21/2024

Password manager makers want to let you securely transfer passkeys The FIDO Alliance, the organization that’s helping shepherd passkey adoption, announced a draft of new specifications that would let users securely move their passkeys across different password managers. Passkeys are great — it’s nice to be able to log in to apps and websites without entering a password. But there hasn't been a standard protocol for transferring your passkeys across password managers. The new specifications, the Credential Exchange…

InfoSec News Nuggets 10/18/2024

From QR to compromise: The growing “quishing” threat Security professionals are always on the lookout for evolving threat techniques. The Sophos X-Ops team recently investigated phishing attacks targeting several of our employees, one of whom was tricked into giving up their information. The attackers used so-called quishing (a portmanteau of “QR code” and “phishing”). QR codes are a machine-readable encoding mechanism that can encapsulate a wide variety of information, from lines of text to binary…

InfoSec News Nuggets 10/17/2024

New CounterSEVeillance and TDXDown Attacks Target AMD and Intel TEEs Security researchers continue to find ways to attack Intel and AMD processors, and the chip giants over the past week have issued responses to separate research targeting their products. The research projects were aimed at Intel and AMD trusted execution environments (TEEs), which are designed to protect code and data by isolating the protected application or virtual machine (VM) from the operating system and other…

InfoSec News Nuggets 10/16/2024

Gmail Scam Alert: Hackers Spoof Google to Steal Credentials Boasting over 2.5 billion users worldwide, Gmail reigns as the most prevalent email service globally. Consequently, it comes as no surprise that this platform has become a focal point for malicious actors seeking to infiltrate accounts and pilfer sensitive data. Sam Mitrovic, an expert on Microsoft security products and the founder of CloudJoy, a Power Platform consultancy, recently sounded the alarm regarding an exceptionally sophisticated, AI-augmented…

InfoSec News Nuggets 10/15/2024

Casio confirms customer data stolen in a ransomware attack Casio now confirms it suffered a ransomware attack earlier this month, warning that the personal and confidential data of employees, job candidates, and some customers was also stolen. The attack was disclosed Monday when Casio warned that it was facing system disruption and service outages due to unauthorized access to its networks during the weekend. Yesterday, the Underground ransomware group claimed responsibility for the attack, leaking various documents allegedly stolen…

InfoSec News Nuggets 10/14/2024

Lamborghini Carjackers Lured by $243M Cyberheist The parents of a 19-year-old Connecticut honors student accused of taking part in a $243 million cryptocurrency heist in August were carjacked a week later — while out house-hunting in a brand new Lamborghini. Prosecutors say the couple was beaten and briefly kidnapped by six young men who traveled from Florida as part of a botched plan to hold the parents for ransom. Late in the afternoon of Aug.…

InfoSec News Nuggets 10/09/2024

European govt air-gapped systems breached using custom malware  An APT hacking group known as GoldenJackal has successfully breached air-gapped government systems in Europe using two custom toolsets to steal sensitive data, like emails, encryption keys, images, archives, and documents. According to an ESET report, this happened at least two times, one against the embassy of a South Asian country in Belarus in September 2019 and again in July 2021, and another against a European government organization between May 2022…

InfoSec News Nuggets 10/08/2024

DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks  The US Department of Justice and Microsoft have seized 107 websites used by Russian cyberspies in a phishing campaign to steal sensitive information from US government agencies, think tanks, and other victims. Court orders targeted domains belonging to Russia's Callisto Group (aka Star Blizzard and Coldriver), a hacking unit of the Russian Federal Security Service (FSB) that has been attacking defense, intelligence, political…

InfoSec News Nuggets 10/04/2024

Iranians Accused of Hacking US Presidential Campaigns; $10 Million Offered for Info on their Location The Justice Department announced that three Iranian nationals and Islamic Revolutionary Guard Corps (IRGC) employees, at the same time, have been indicted for hacking accounts belonging to US officials, journalists, and individuals associated with US political campaigns. Several reports of hacks related to political campaigns have surfaced in recent months as unknown hackers breached various systems and networks, then stole…