InfoSec News Nuggets 07/20/2023

Ukraine takes down massive bot farm, seizes 150,000 SIM cards  The Cyber Police Department of the National Police of Ukraine dismantled another massive bot farm linked to more than 100 individuals after searches at almost two dozen locations. The bots were used to push Russian propaganda justifying Russia's war in Ukraine, to disseminate illegal content and personal information, and in various other fraudulent activities. In a joint operation, the cyber police and units of the…

InfoSec News Nuggets 07/19/2023

VirusTotal leaked data of 5,600 registered users VirusTotal has suffered a data leak that exposed the names and email addresses of 5,600 of its registered users. The leaked data reportedly includes information about employees of US and German intelligence agencies (among others). Google-owned VirusTotal is a popular online service for analyzing suspicious files and URLs to detect malware and malicious content through antivirus engines and website scanners.   Attackers Pummel Millions of Websites via Critical…

InfoSec News Nuggets 07/18/2023

JumpCloud says nation-state hackers breached its systems Identity and access management firm JumpCloud says it reset customers’ API keys after nation-state hackers breached its systems. JumpCloud, a directory platform that allows enterprises to authenticate, authorize, and manage users and devices, last week told customers that it had reset their API keys “out of an abundance of caution” due to an ongoing, but unspecified security incident. In a post-mortem of the incident published, JumpCloud said it…

InfoSec News Nuggets 07/17/2023

Microsoft still unsure how hackers stole Azure AD signing key  Microsoft says it still doesn't know how Chinese hackers stole an inactive Microsoft account (MSA) consumer signing key used to breach the Exchange Online and Azure AD accounts of two dozen organizations, including government agencies. "The method by which the actor acquired the key is a matter of ongoing investigation," Microsoft admitted in a new advisory published today. The incident was reported by U.S. government officials after the discovery of unauthorized…

InfoSec News Nuggets 07/14/2023

Congress is trying to stop discriminatory algorithms again  US policymakers hope to require online platforms to disclose information about their algorithms and allow the government to intervene if these are found to discriminate based on criteria like race or gender. Sen. Edward Markey (D-MA) and Rep. Doris Matsui (D-CA) reintroduced the Algorithmic Justice and Online Platform Transparency Act, which aims to ban the use of discriminatory or “harmful” automated decision-making. It would also establish safety standards,…

InfoSec News Nuggets 07/13/2023

Financial Industry Faces Soaring Ransomware Threat  The financial industry has been facing a surge in ransomware attacks over the past few years, said cybersecurity provider SOCRadar in a threat analysis post published on July 12, 2023. This trend started in the first half of 2021, when Trend Micro saw a staggering 1318% increase in ransomware attacks targeting banks and financial institutions compared to the same period in 2020. Sophos also found that over half (55%) of financial service firms fell victim…

InfoSec News Nuggets 07/12/2023

Apple releases, quickly pulls Rapid Security Response update for 0-day WebKit bug  Yesterday, Apple published a new Rapid Security Response update for iOS 16, iPadOS 16, and macOS Ventura to patch yet another actively exploited WebKit code execution bug. But shortly after installation, users began having issues accessing certain websites, and Apple has apparently pulled the update to fix the problem. According to MacRumors, affected sites include Facebook, Instagram, WhatsApp, and Zoom, which began showing warning messages about not being supported following…

InfoSec News Nuggets 07/11/2023

New Mozilla Feature Blocks Risky Add-Ons on Specific Websites to Safeguard User Security Mozilla has announced that some add-ons may be blocked from running on certain sites as part of a new feature called Quarantined Domains. "We have introduced a new back-end feature to only allow some extensions monitored by Mozilla to run on specific websites for various reasons, including security concerns," the company said in its Release Notes for Firefox 115.0 released last week.…

InfoSec News Nuggets 07/10/2023

Can Generative AI Be Trusted to Fix Your Code?  Organizations worldwide are in a race to adopt AI technologies into their cybersecurity programs and tools. A majority (65%) of developers use or plan on using AI in testing efforts in the next three years. There are many security applications that will benefit from generative AI, but is fixing code one of them? For many DevSecOps teams, generative AI represents the holy grail for clearing their increasing vulnerability backlogs.     MOVEit Transfer customers…

InfoSec News Nuggets 07/07/2023

Cyber agencies warn of new TrueBot malware variants targeting US and Canadian firms  Cybersecurity agencies in the U.S. and Canada warned Thursday that threat actors are using new TrueBot malware variants to steal data from victims. In an advisory co-written by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the FBI, the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Canadian Centre for Cyber Security (CCCS), the organizations said that as recently as May 31 they observed a surge in financially…

InfoSec News Nuggets 07/06/2023

Singapore tells crypto operators: act like grown up financial institutions  Singapore has joined the ranks of nations requiring digital payment operators to follow the same sort of regulations and customer protection requirements that apply to conventional financial institutions. In measures floated in October 2022 and to be enacted by the end of 2023, Singapore's Monetary Authority (MAS) will require operators to hold customer assets under a statutory trust segregated from their own assets. Crypto outfits are…

InfoSec News Nuggets 07/05/2023

Who’s Behind the DomainNetworks Snail Mail Scam?  If you’ve ever owned a domain name, the chances are good that at some point you’ve received a snail mail letter which appears to be a bill for a domain or website-related services. In reality, these misleading missives try to trick people into paying for useless services they never ordered, don’t need, and probably will never receive. Here’s a look at the most recent incarnation of this scam — DomainNetworks — and…

InfoSec News Nuggets 07/03/2023

Tech firms sue Arkansas over social media age verification law  The technology industry isn't thrilled with Arkansas' law requiring social media age checks. NetChoice, a tech trade group that includes Google, Meta and TikTok, has sued the state of Arkansas over claimed US Constitution violations in the Social Media Safety Act. The measure allegedly treads on First Amendment free speech rights by making users hand over private data in order to access social networks. It also "seizes decision making"…

InfoSec News Nuggets 06/30/2023

Does the world need an arms control treaty for AI?  At the dawn of the atomic age, the nuclear scientists who invented the atomic bomb realized that the weapons of mass destruction they had created desperately needed to be controlled. Physicists such as Niels Bohr and J. Robert Oppenheimer believed that as knowledge of nuclear science spread so, too, would bombs. That realization marked the beginning of the post-war arms control era. Today, there’s a similar…

InfoSec News Nuggets 06/29/2023

Windows 11 tests letting you sign into websites with your fingerprint or face  Microsoft is improving Windows 11’s support for the new passkey standard that aims to replace passwords with a more secure and convenient way of logging in. A recent Insider Preview Build (23486) now lets you use Windows Hello natively to create and sign in to supported applications and websites using passkeys, where you’ll be asked to prove your identity using a PIN, fingerprint, or…

InfoSec News Nuggets 06/28/2023

This Chatbot Gives Phone Call Scammers a Taste of Their Own Medicine  A group of cybersecurity experts in Australia are developing a chatbot that can impersonate a human and sit on a scam phone call to waste a fraudster's time. Researchers at Macquarie University in Sydney are creating the chatbot system to act as a “honeypot” that lures scammers into 40-minute-long conversations that amount to nothing. “Our model ties them up, wastes their time, and reduces the number…

InfoSec News Nuggets 06/27/2023

The tech flaw that lets hackers control surveillance cameras In a darkened studio inside the BBC's Broadcasting House in London, a man sits at his laptop and enters his password. Thousands of miles away, a hacker is watching everything he types. Next, the BBC employee picks up his mobile phone and enters the passcode. The hacker now has that, too. A security flaw in the surveillance camera on the ceiling - manufactured by the Chinese…

InfoSec News Nuggets 06/26/2023

NCSC Updates Cybersecurity Guidance for the Legal Sector The UK’s National Cyber Security Centre (NCSC) has released updated guidance to help law firms mitigate the latest cyber-threats. Worth an estimated £44bn ($56bn), the sector employs over 320,000 people and consists of roughly 33,000 businesses, according to the report. However, the size of these organizations and the amount of resources they dedicate to cybersecurity can vary significantly. PwC claimed last year that the top 100 law…

InfoSec News Nuggets 06/23/2023

Critical Flaw Found in WordPress Plugin for WooCommerce Used by 30,000 Websites  A critical security flaw has been disclosed in the WordPress "Abandoned Cart Lite for WooCommerce" plugin that's installed on more than 30,000 websites. "This vulnerability makes it possible for an attacker to gain access to the accounts of users who have abandoned their carts, who are typically customers but can extend to other high-level users when the right conditions are met," Defiant's Wordfence said in an advisory. Tracked as CVE-2023-2986, the…

InfoSec News Nuggets 06/22/2023

Oreo maker Mondelez staff hit by data breach at third-party law firm  Snack giant Mondelez is warning past and present employees that their personal information may now be in the hands of hackers following a data breach at a third-party firm. Over 50,000 members of staff are receiving data breach notifications from the Oreo maker, after a data breach at Bryan Cave Leighton Paisner LLP, a law firm hired by Mondelez to provide legal advice. Bryan Cave…

InfoSec News Nuggets 06/21/2023

Biden to meet with AI experts to talk regulation and safety President Joe Biden is expected to meet with a cohort of experts and researchers in the expanding field of artificial intelligence, part of the ongoing executive effort to integrate more private sector and academic expertise into federal technology policy. Announced on Monday by a White House official, the specific experts set to meet with Biden work specifically in studying the impact AI is slated…

InfoSec News Nuggets 06/20/2023

US Offers $10m Reward For MOVEit Attackers  The US Department of State has offered a $10m reward for information linking members of a Clop affiliate responsible for a recent data extortion campaign to a foreign government. Using the #StopRansomware hashtag, the department issued the announcement as part of its Rewards for Justice initiative. Launched in 1984, the program is designed to boost national security by soliciting information on terrorists, North Korean activity, cyber-threat actors and election interference.    Researchers Discover…

InfoSec News Nuggets 06/19/2023

SMS delivery reports can be used to infer recipient's location  A team of university researchers has devised a new side-channel attack named 'Freaky Leaky SMS,' which relies on the timing of SMS delivery reports to deduce a recipient's location. SMS delivery reports are handled by the SMSC (short message service center) of the mobile network to inform when a message has been delivered, accepted, failed, is undeliverable, has expired, or has been rejected. While there are routing,…

InfoSec News Nuggets 05/31/2023

The Sobering Truth About Ransomware—For The 80% Who Paid Up  Newly published research of 1,200 organizations impacted by ransomware reveals a sobering truth that awaits many of those who decide to pay the ransom. According to research from data resilience specialists Veeam, some 80% of the organizations surveyed decided to pay the demanded ransom in order to both end the ongoing cyber attack and recover otherwise lost data. This despite 41% of those organizations having a “do…

InfoSec News Nuggets 05/30/2023

Emby shuts down user media servers hacked in recent attack  Emby says it remotely shut down an undisclosed number of user-hosted media server instances that were recently hacked by exploiting a previously known vulnerability and an insecure admin account configuration. "We have detected a malicious plugin on your system which has probably been installed without your knowledge. [..] For your safety we have shutdown your Emby Server as a precautionary measure," the company informed users of affected servers in…

InfoSec News Nuggets 05/26/2023

Microsoft 365 phishing attacks use encrypted RPMSG messages  Attackers are now using encrypted RPMSG attachments sent via compromised Microsoft 365 accounts to steal Microsoft credentials in targeted phishing attacks designed to evade detection by email security gateways. RPMSG files (also known as restricted permission message files) are encrypted email message attachments created using Microsoft's Rights Management Services (RMS) and offer an extra layer of protection to sensitive info by restricting access to authorized recipients. Recipients who want to read…

InfoSec News Nuggets 05/25/2023

US sanctions North Korean entities involved in cyberattacks and IT worker fraud The U.S. Treasury Department on Tuesday announced new sanctions on four entities that employ thousands of North Korean IT workers who help illicitly finance the regime's missile and weapons of mass destruction programs. North Korea maintains legions of “highly skilled” IT workers around the globe, primarily in China and Russia, who “generate revenue that contributes to its unlawful WMD and ballistic missile programs,” according…

InfoSec News Nuggets 05/24/2023

FTC Accuses Defunct Edtech Company Edmodo of Violating Kids' Privacy The Federal Trade Commission announced a proposed $6 million settlement with education technology company Edmodo Tuesday for collecting data from kids without parental consent and using it to sell ads in violation of the Children’s Online Privacy Protection Act (COPPA). The case is unusual for several reasons, including the fact that Edmodo went out of business while the government was still investigating. The FTC is on a tear in recent months, upending the…

InfoSec News Nuggets 05/23/2023

The fax is still king in healthcare — and it’s not going away anytime soon The fax — that 1940s technology that exploded in the 1980s and operates by copying an image and transmitting it through squeaks and squawks over a phone line — is still used by a large majority of healthcare providers, insurance payers, and pharmacies. And it’s simply not going away anytime soon. As recently as 2019, seven in 10 hospitals were…

InfoSec News Nuggets 05/22/2023

Food distributor Sysco says cyberattack potentially leaked 125,000 Social Security numbers  A cyberattack on Sysco, one of the world’s largest food distributors, gave hackers access to the sensitive personal information of more than 125,000 current and former employees. In documents filed with state regulators in Maine, the company said an incident in January leaked troves of sensitive employee information. Sysco has more than 71,000 current employees, operates in over 90 countries and reported sales of more than $68…

InfoSec News Nuggets 05/19/2023

Google’s turning off third-party cookies for 1 percent of Chrome users early next year  Google has been talking about a plan for Chrome to block the third-party cookies that can track user activity across many different websites since 2020. Its stated intention at the time was to complete the shift within two years. Three years later, it hasn’t happened, as its proposals for replacement technology have been criticized by competitors and privacy advocates and scrutinized by regulators who…

InfoSec News Nuggets 05/18/2023

Capita accused of ‘unsafe storage of personal data’ following data breach  Capita, the British outsourcing company hit by a ransomware attack in March, is facing a growing list of complaints from customers following the revelation of another data breach. Colchester City Council, which contracts Capita for financial services, has accused the company of “unsafe storage of personal data” over an historical incident that predates the ransomware attack but came to light afterwards. As first reported by TechCrunch earlier this month, Capita…

InfoSec News Nuggets 05/17/2023

ChatGPT's chief to testify before Congress as concerns grow about artificial intelligence risks  The head of the artificial intelligence company that makes ChatGPT will testify before Congress as lawmakers call for new rules to guide the rapid development of AI technology. OpenAI CEO Sam Altman is scheduled to speak at a Senate hearing Tuesday. His San Francisco-based startup rocketed to public attention after its release late last year of ChatGPT, a free chatbot tool that answers questions with convincingly…

InfoSec News Nuggets 05/16/2023

Airline exposes passenger info to others due to a 'technical error'  airBaltic, Latvia's flag carrier, has acknowledged that a 'technical error' exposed reservation details of some of its passengers to other airBaltic passengers. Passengers also reported receiving unexpected emails which addressed them by the name of another customer. The Riga-based airline, incorporated as AS Air Baltic Corporation, operates flights to 80 destinations and is 97% government-owned. Although the air carrier says the leak impacts a small percentage of its customers…

InfoSec News Nuggets 05/15/2023

Brightly says SchoolDude data breach spilled 3 million user accounts  Software maker Brightly has confirmed that hackers stole close to three million SchoolDude user accounts in an April data breach. SchoolDude is a cloud-based work order management system, used primarily by schools and universities, to submit and track maintenance orders. Its users are school employees, like principals, executives and maintenance workers, as well as students and other staff submitting repair requests. In a data breach notice filed with the Maine attorney general’s…

InfoSec News Nuggets 05/12/2023

Australian software giant won’t say if customers affected by hack  Australian enterprise software company TechnologyOne has halted trading after confirming it was hit by a cyberattack. In a stock exchange filing on Wednesday, the Brisbane-based software maker said it had detected that “an unauthorized third-party acted illegally to access its internal Microsoft 365 back-office system.” TechnologyOne said the company’s customer-facing platform is not connected to the affected Microsoft 365 system and “therefore has not been impacted,” but when reached, the company would…

InfoSec News Nuggets 05/11/2023

Hackers attempt to extort Dragos and its executives in suspected ransomware attempt  Unknown hackers attempted to infiltrate Dragos, one of the leading industrial cybersecurity firms that works with government agencies and utilities globally, in an unsuccessful campaign that targeted the company’s executives and their family members, the firm said on Wednesday. “We are confident that our layered security controls prevented the threat actor from accomplishing what we believe to be their primary objective of launching ransomware,”…

InfoSec News Nuggets 05/10/2023

US authorities seize more domains linked to prolific DDoS-for-hire websites  U.S. authorities have seized 13 more domains linked to some of the world’s most popular DDoS-for-hire websites. These websites, also described as “booter” or “stressor” services, are marketed as legitimate security testing tools that allow admins to stress-test websites. In reality, the services are used for launching denial-of-service (DDoS) attacks designed to overwhelm websites and networks and force them offline. The DOJ announced on Monday that the FBI had…

InfoSec News Nuggets 05/09/2023

WhatsApp could disappear from UK over privacy concerns, ministers told  The UK government risks sleepwalking into a confrontation with WhatsApp that could lead to the messaging app disappearing from Britain, ministers have been warned, with options for an amicable resolution fast running out. At the centre of the row is the online safety bill, a vast piece of legislation that will touch on almost every aspect of online life in Britain. More than four years in the making, with eight…

InfoSec News Nuggets 05/05/2023

Microsoft Is Ending Windows 10 Updates  Microsoft is finished with major updates to Windows 10, the tech giant said in a blog post Thursday. Windows 10 version 22H2 is the current and final version of the operating system, though Microsoft said it will continue to release monthly security updates for all Windows 10 editions until it reaches end of support on Oct. 14, 2025. Existing long-term servicing channel, or LTSC, releases will still receive updates beyond that end…

InfoSec News Nuggets 05/04/2023

Apple and Google Join Forces to Stop Unauthorized Tracking Alert System  Apple and Google have teamed up to work on a draft industry-wide specification that's designed to tackle safety risks and alert users when they are being tracked without their knowledge or permission using devices like AirTags. "The first-of-its-kind specification will allow Bluetooth location-tracking devices to be compatible with unauthorized tracking detection and alerts across Android and iOS platforms," the companies said in a joint statement. While these trackers…

InfoSec News Nuggets 05/03/2023

Western Digital hackers publish leaked images to taunt storage giant Hackers that breached Western Digital’s (WD) systems and stole sensitive data in late March 2023 have posted a series of screenshots of internal emails and other company communication which they say shows WD’s poor efforts to address the incident. Cybersecurity researcher Dominic Alvieri discovered a total of 29 screenshots showing emails, documents, and video conferences, all related to the actions WD took following the…

InfoSec News Nuggets 05/02/2023

Hackers leak images to taunt Western Digital's cyberattack response The ALPHV ransomware operation, aka BlackCat, has published screenshots of internal emails and video conferences stolen from Western Digital, indicating they likely had continued access to the company's systems even as the company responded to the breach. The leak comes after the threat actor warned Western Digital on April 17th that they would hurt them until they "cannot stand anymore" if a ransom was not paid.…

InfoSec News Nuggets 05/01/2023

Many Public Salesforce Sites are Leaking Private Data  A shocking number of organizations — including banks and healthcare providers — are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. The data exposures all stem from a misconfiguration in Salesforce Community that allows an unauthenticated user to access records that should only be available after logging in. Salesforce Community is a widely-used cloud-based software product that makes it easy for organizations to…

InfoSec News Nuggets 04/28/2023

Continuous Scanning Is Imperative for Effective Web Application Security Software moves fast. With so many Web applications and APIs being built and modified in increasingly complex IT environments, securing your attack surface — which can change hourly or multiple times a day — is a challenge. Traditional approaches to security, like one-off tests or periodic scans, are no longer enough to get the job done and done well. Attackers are zeroing in on these apps…

InfoSec News Nuggets 04/27/2023

Metaverse Version of the Dark Web Could be Nearly Impenetrable As the metaverse takes shape over the coming years, many of the security issues afflicting cyberspace will begin to spill over into virtual space as well. One of the biggest of these threats will be the emergence of a new "darkverse," where criminals will be able to operate with greater impunity and more dangerously than they are able to do now on the Dark Web,…

InfoSec News Nuggets 04/26/2023

Security Failures At TikTok’s Virginia Data Centers: Unescorted Visitors, Mystery Flash Drives And Illicit Crypto Mining  For years, TikTok has told lawmakers that the private data of its U.S. users is secured — and safe from potential influence or exfiltration — in a cluster of data centers located in Northern Virginia. But interviews with seven current and former employees and more than 60 documents, photos and videos from the data centers reveal that the centers have faced…

InfoSec News Nuggets 04/25/2023

IT staffers would help colleagues avoid monitoring software The use of invasive monitoring software that tracks employee productivity is unlikely to be popular with workers — and it turns out IT staffers aren’t keen on deploying the technology either. In fact, many IT workers are apparently willing to defy company policy and help colleagues find workarounds to avoid being spied on by the boss. That’s according to a survey of 500 IT managers and 500 non-manager IT workers…

InfoSec News Nuggets 04/24/2023

Microsoft has a new way of naming security threats Microsoft is banking on our human obsession with the weather to help make identifying security threats easier with a shakeup to its taxonomy. As of April 2023, Microsoft will now be using weather events to help identify threats across five key groups, including financially motivated, private sector offensive actors (PSOAs), influence operations, groups in development, and finally nation states. The company hopes that…

InfoSec News Nuggets 04/20/2023

The Car Thieves Using Tech Disguised Inside Old Nokia Phones and Bluetooth Speakers  A man sitting in the driver’s seat of a Toyota is repeatedly tapping a button next to the steering wheel. A red light flashes—no luck, the engine won’t start. He doesn’t have the key. In response, the man pulls up an unusual tool: a Nokia 3310 phone. The man plugs the phone into the car using a black cable. He then flicks through…