InfoSec News Nuggets 08/25/2022

University can’t scan students’ rooms during remote tests, judge rules An Ohio judge has ruled that Cleveland State University’s virtual scan of a student’s room prior to an online test was unconstitutional. The ruling marks a victory for digital privacy advocates around the country, who have spoken loudly against the practices of online test proctoring for many years. Chemistry student Aaron Ogletree sat for an online test in the spring 2021 semester. Ogletree was…

InfoSec News Nuggets 08/24/2022

"As Nasty as Dirty Pipe" — 8 Year Old Linux Kernel Vulnerability Uncovered Details of an eight-year-old security vulnerability in the Linux kernel have emerged that the researchers say is "as nasty as Dirty Pipe." Dubbed DirtyCred by a group of academics from Northwestern University, the security weakness exploits a previously unknown flaw (CVE-2022-2588) to escalate privileges to the maximum level. "DirtyCred is a kernel exploitation concept that swaps unprivileged kernel credentials with privileged ones to escalate privilege," researchers…

InfoSec News Nuggets 08/23/2022

Lloyd’s to end insurance coverage for state cyber attacks Insurance market Lloyd’s of London has indicated that it will move to require its insurance groups to exclude “catastrophic” nation state cyber attacks from cyber insurance policies from 31 March 2023. According to the Wall Street Journal, which was first to report the story, the change will supposedly ensure that the scope of cyber insurance policies is made clear to buyers, and is being made because Lloyd’s believes the…

InfoSec News Nuggets 08/22/2022

Google blocks largest HTTPS DDoS attack 'reported to date' A Google Cloud Armor customer was hit with a distributed denial-of-service (DDoS) attack over the HTTPS protocol that reached 46 million requests per second (RPS), making it the largest ever recorded of its kind. In just two minutes, the attack escalated from 100,000 RPS to a record-breaking 46 million RPS, almost 80% more than the previous record, an HTTPS DDoS of 26 million RPS that Cloudflare mitigated in…

InfoSec News Nuggets 08/19/2022

AirTag leads to arrest of airline worker accused of stealing at least $15,000 worth of items from luggage An Apple AirTag led to the arrest of an airline subcontractor accused of stealing thousands of dollars’ worth of items from luggage at a Florida airport. Giovanni De Luca, 19, was charged with two counts of grand theft after authorities recovered the stolen items from his home, the Okaloosa County Sheriff’s Office said in a news release…

InfoSec News Nuggets 08/18/2022

In Post Roe v. Wade Era, Mozilla Labels 18 of 25 Popular Period and Pregnancy Tracking Tech With *Privacy Not Included Warning Eighteen out of 25 reproductive health apps and wearable devices that Mozilla investigated for privacy and security practices received a *Privacy Not Included warning label. These findings raise concerns in the post-Roe landscape that data could be used by authorities to determine if users are pregnant, seeking abortion information or services, or crossing state lines…

InfoSec News Nuggets 08/17/2022

Confused cyber criminals have hacked a water company in a bizarre case of mistaken identity A water company that supplies drinking water to over 1.6 million people in the UK says it has been hit by a cyber attack. But the criminal gang involved appears to have claimed it had breached a different water utilities firm. South Staffordshire Water says it has been the "target of a criminal cyber attack" which is causing disruption to…

InfoSec News Nuggets 08/16/2022

Hacker offers to sell data of 48.5 million users of Shanghai's COVID app A hacker has claimed to have obtained the personal information of 48.5 million users of a COVID health code mobile app run by the city of Shanghai, the second claim of a breach of the Chinese financial hub's data in just over a month. The hacker with the username "XJP" posted an offer to sell the data for $4,000 on the…

InfoSec News Nuggets 08/15/2022

Diagnostic Robotics has AI catching health problems before they take you to the ER A stitch in time saves nine, they say — and a blood thinner in time saves a trip to the emergency room for a heart attack, as Diagnostic Robotics hopes to show. The company’s machine learning-powered preventative care aims to predict and avoid dangerous (and costly) medical crises, saving everyone money and hopefully keeping them healthier in general —  and it’s raised $45…

InfoSec News Nuggets 08/12/2022

It Might Be Our Data, But It’s Not Our Breach A cybersecurity firm says it has intercepted a large, unique stolen data set containing the names, addresses, email addresses, phone numbers, Social Security Numbers and dates of birth on nearly 23 million Americans. The firm’s analysis of the data suggests it corresponds to current and former customers of AT&T. The telecommunications giant stopped short of saying the data wasn’t theirs, but it maintains the records do…

InfoSec News Nuggets 08/11/2022

Cisco hacked by Yanluowang ransomware gang, 2.8GB allegedly stolen Cisco confirmed today that the Yanluowang ransomware group breached its corporate network in late May and that the actor tried to extort them under the threat of leaking stolen files online. The company revealed that the attackers could only harvest and steal non-sensitive data from a Box folder linked to a compromised employee's account. "Cisco experienced a security incident on our corporate network in late May…

InfoSec News Nuggets 08/10/2022

Phishing attack adds pressure with countdown clock A new phishing attack tries to panic users into entering their company email login credentials by displaying a countdown clock that supposedly shows how much time remains before their account is deleted. When the time runs out, nothing actually happens, but the attackers hope the ruse, taken straight from the ransomware handbook, will pressure victims into acting without thinking. The attack begins with a message falsely telling the…

InfoSec News Nuggets 08/09/2022

Slack leaked hashed passwords from its servers for years Did Slack send you a password reset link last week? The company has admitted to accidentally exposing the hashed passwords of workspace users. The issue occurred when a user created or revoked a shared invitation link for their workspace. The good news is that the password wasn't plaintext, and it wasn't visible in any Slack clients. The bad news is that it could be picked up by monitoring…

InfoSec News Nuggets 08/08/2022

LinkedIn Continues its Reign as the Most-Impersonated Brand in Phishing Attacks As cybercriminals look for novel and effective ways to gain entrance to a victim network, LinkedIn is proving to be fruitful enough to keep the attention of phishing scammers. I hope you can appreciate the sophistication of a phishing attack that targets not just a specific company, or even an individual, but a role within the organization – complete with a tailored socially engineered campaign of…

InfoSec News Nuggets 08/05/2022

Scammers Sent Uber to Take Elderly Lady to the Bank Email scammers sent an Uber to the home of an 80-year-old woman who responded to a well-timed email scam, in a bid to make sure she went to the bank and wired money to the fraudsters.  In this case, the woman figured out she was being scammed before embarking for the bank, but her story is a chilling reminder of how far crooks will go…

InfoSec News Nuggets 08/04/2022

Ukraine Shutters Major Russian Bot Farm Ukrainian law enforcers claim to have dismantled a large bot farm used by Russian special services to spread disinformation and propaganda in the country. The Secret Service of Ukraine (SSU) said the million-strong bot farm was used to “spin destabilizing content” on the country’s military and political leadership to an audience of over 400,000. This included fake news on the situation at the front, an alleged conflict between the…

InfoSec News Nuggets 08/03/2022

Russian national charged in sweeping influence operation to disrupt U.S. elections, sow discord A federal grand jury indicted a Russian national on charges of attempting to disrupt U.S. elections beginning as early as 2014, spreading disinformation to further Moscow’s political aims and infiltrating various American political organizations to carry out his plans. The indictment, unsealed Friday in Tampa, Florida, paints the portrait of a cunning Russian operative who was carrying out a sophisticated and potentially…

InfoSec News Nuggets 08/02/2022

What does Tim Hortons think your data is worth? A coffee and donut, apparently Tim Hortons, the Canadian fast food chain accused of using its mobile app to collect “vast amounts of sensitive location data” in violation of Canadian privacy laws, says it’s reached a proposed settlement in the resulting class action lawsuits, Vice reports. To make up for tracking users, recording their movements “every few minutes” even when the app was closed, the chain is proposing…

InfoSec News Nuggets 08/01/2022

Huge network of 11,000 fake investment sites targets Europe Researchers have uncovered a gigantic network of more than 11,000 domains used to promote numerous fake investment schemes to users in Europe. The platforms show fabricated evidence of enrichment and falsified celebrity endorsements to create an image of legitimacy and lure in a larger number of victims. The goal of the operation is to trick users into an opportunity for high-return investments and convince them to deposit a minimum…

InfoSec News Nuggets 07/22/2022

Windows 11 is getting a new security setting to block ransomware attacks Microsoft is rolling out a new security default for Windows 11 that will go a long way to preventing ransomware attacks that begin with password-guessing attacks and compromised credentials. The new account security default on account credentials should help thwart ransomware attacks that are initiated after using compromised credentials or brute-force password attacks to access remote desktop protocol (RDP) endpoints, which are often exposed…

InfoSec News Nuggets 07/21/2022

Don’t Look Now, but Congress Might Pass an Actually Good Privacy Bill USUALLY, WHEN CONGRESS is working on major tech legislation, the inboxes of tech reporters get flooded with PR emails from politicians and nonprofits either denouncing or trumpeting the proposed statute. Not so with the American Data Privacy and Protection Act. A first draft of the bill seemed to pop up out of nowhere in June. Over the next month, it went through so many…

InfoSec News Nuggets 07/20/2022

Magecart Serves Up Card Skimmers on Restaurant-Ordering Systems 300 restaurants and at least 50,000 payment cards compromised by two separate campaigns against MenuDrive, Harbortouch and InTouchPOS services. Magecart campaigns have been skimming payment-card credentials of unsuspecting customers using three online restaurant-ordering systems, affecting about 300 restaurants that use the services and compromising tens of thousands of cards so far, researchers have found. Two separate ongoing Magecart campaigns have injected e-skimmer scripts into the online ordering…

InfoSec News Nuggets 07/19/2022

US Cybersecurity Agency CISA to Open London Office The US Cybersecurity and Infrastructure Security Agency (CISA) announced on Monday that it’s set to open an office in the United Kingdom in an effort to boost international cooperation and collaboration. The cyber defense agency’s first Attaché Office will open later this month in London and its goal is to “serve as a focal point for international collaboration between CISA, UK government officials, and other federal agency…

InfoSec News Nuggets 07/18/2022

Public Cloud Customers Admit Security Challenges Most global organizations aren’t fully confident in the effectiveness of their security controls in the public cloud, despite storing sensitive data there, according to a new Cloud Security Alliance (CSA) study. Sponsored by Anjuna Security, the Sensitive Data in the Cloud report is compiled from interviews with 452 IT and security professionals, from various organization sizes and locations. It revealed that over two-thirds (67%) of respondents now store sensitive data or…

InfoSec News Nuggets 07/14/2022

Joshua Schulte: Former CIA hacker convicted of 'brazen' data leak Joshua Schulte was convicted of sending the CIA's "Vault 7" cyber-warfare tools to the whistle-blowing platform. He had denied the allegations. The 2017 leak of some 8,761 documents revealed how intelligence officers hacked smartphones overseas and turned them into listening devices. Prosecutors said the leak was one of the most "brazen" in US history. Damian Williams, the US attorney for the Southern District of New…

InfoSec News Nuggets 07/13/2022

New ‘Luna Moth’ hackers breach orgs via fake subscription renewals A new data extortion group has been breaching companies to steal confidential information, threatening victims to make the files publicly available unless they pay a ransom. The gang received the name Luna Moth and has been active since at least March in phishing campaigns that delivered remote access tools (RAT) that enable the corporate data theft. The Incident Response team at cybersecurity company Sygnia has been tracking…

InfoSec News Nuggets 07/12/2022

How to auto block macros in Microsoft Office docs from the internet With Microsoft temporarily rolling back a feature that automatically blocks macros in Microsoft Office files downloaded from the Internet, it is essential to learn how to configure this security setting manually. This article will explain why users should block macros in Internet downloads and how you can block them in Microsoft Office. A common distribution method used by some of the most notorious…

InfoSec News Nuggets 07/11/2022

Phishing Attacks Are Getting Trickier Phishing attacks have become the most common method cyber attackers use to target people at work and at home. Phishing attacks have traditionally been emails sent by cyber attackers to trick you into doing something you should not do, such as opening an infected email attachment, clicking on a malicious link, or sharing your password. While traditional phishing attacks continue today, many cyber attackers are creating advanced phishing emails that…

InfoSec News Nuggets 07/08/2022

Operation 404: Brazilian authorities crack down on piracy in the metaverse Brazil's Ministry of Justice and Public Security announced that it has carried out its first search within the metaverse as part of an operation aimed at tackling digital piracy and crimes against intellectual property.  Dubbed Operation 404, the initiative is in its fourth iteration. On June 21, the Brazilian authorities arrested at least a dozen individuals across various states nationwide, with several false profiles…

InfoSec News Nuggets 07/06/2022

Rising threats spark US scramble for cyber workers The federal government and private sector are facing increasing pressure to fill key cyber roles as high-profile attacks and international threats rattle various U.S. sectors. Workforce shortages have been a long-running issue in cyber, but they have taken on renewed importance amid rising Russian threats stemming from the war in Ukraine. “It’s an issue that the government faces as well as the private sector, state and local…

InfoSec News Nuggets 07/05/2022

Microsoft finds Raspberry Robin worm in hundreds of Windows networks Microsoft says that a recently spotted Windows worm has been found on the networks of hundreds of organizations from various industry sectors. The malware, dubbed Raspberry Robin, spreads via infected USB devices, and it was first spotted in September 2021 by Red Canary intelligence analysts. Cybersecurity firm Sekoia also observed it using QNAP NAS devices as command and control (C2) servers in early November [PDF], while…

InfoSec News Nuggets 07/01/2022

Google: Half of 2022's Zero-Days Are Variants of Previous Vulnerabilities Google Project Zero has observed a total of 18 exploited zero-day vulnerabilities in the first half of 2022, at least half of which exist because previous bugs were not properly addressed. According to Google Project Zero researcher Maddie Stone, nine of the in-the-wild zero-days seen so far this year could have been prevented had organizations applied more comprehensive patching. “On top of that, four of the 2022…

InfoSec News Nuggets 06/30/2022

AMD targeted by RansomHouse, attackers claim to have '450Gb' in stolen data If claims hold true, AMD has been targeted by the extortion group RansomHouse, which says it is sitting on a trove of data stolen from the processor designer following an alleged security breach earlier this year. RansomHouse says it obtained the files from an intrusion into AMD's network on January 5, 2022, and that this isn't material from a previous leak of its intellectual property.…

InfoSec News Nuggets 06/28/2022

LGBTQ+ community warned of extortionists abusing dating apps The U.S. Federal Trade Commission (FTC) has warned this week of extortion scammers targeting the LGBTQ+ community by abusing online dating apps like Grindr and Feeld. According to the FTC, the criminals pose as potential romantic partners on LGBTQ+ dating apps, sending explicit photos to their targets and asking them to reciprocate. If they fall for it, the victims get blackmailed into paying a ransom, usually in…

InfoSec News Nuggets 06/27/2022

Japanese man loses USB stick with entire city's personal details For many, after-work drinks are a common way of relaxing after a busy week. But one worker in Japan could be nursing a protracted hangover after he lost a USB memory stick following a night out with colleagues. Why? It contained the personal details of nearly half a million people. The unnamed man placed the memory stick in his bag before an evening of drinking…

InfoSec News Nuggets 06/24/2022

Multiple Backdoored Python Libraries Caught Stealing AWS Secrets and Keys Researchers have discovered a number of malicious Python packages in the official third-party software repository that are engineered to exfiltrate AWS credentials and environment variables to a publicly exposed endpoint. The list of packages includes loglib-modules, pyg-modules, pygrata, pygrata-utils, and hkg-sol-utils, according to Sonatype security researcher Ax Sharma. The packages as well as the endpoint have now been taken down. "Some of these packages…

InfoSec News Nuggets 06/23/2022

Mega says it can’t decrypt your files. New POC exploit shows otherwise In the decade since larger-than-life character Kim Dotcom founded Mega, the cloud storage service has amassed 250 million registered users and stores a whopping 120 billion files that take up more than 1,000 petabytes of storage. A key selling point that has helped fuel the growth is an extraordinary promise that no top-tier Mega competitors make: Not even Mega can decrypt the data it stores. On…

InfoSec News Nuggets 06/22/2022

DDoS-for-hire service provider jailed Matthew Gatrel, a 33-year-old man from St. Charles, Illinois, has been sentenced to two years in prison for running websites that provide powerful distributed denial-of-service (DDoS) attacks against internet users and websites. This sentencing resulted in the seizure of his websites, making the internet a little safer from DDoS attacks. Gatrel was the administrator and owner of DownThem.org and AmpNode.com, two DDoS-for-hire websites with thousands of clients which launched attacks against more than 200,000 targets. He was convicted of three…

InfoSec News Nuggets 06/21/2022

A Microsoft 365 feature can ransom files on SharePoint and OneDrive Researchers from Proofpoint reported that a feature in the Microsoft 365 suite could be abused to encrypt files stored on SharePoint and OneDrive. “Proofpoint has discovered a potentially dangerous piece of functionality in Office 365 or Microsoft 365 that allows ransomware to encrypt files stored on SharePoint and OneDrive in a way that makes them unrecoverable without dedicated backups or a decryption key…

InfoSec News Nuggets 06/20/2022

2,000 arrests in crackdown on social engineering and business email scams The international police organization Interpol has arrested 2,000 people in a crackdown on social-engineering rackets and intercepted $50 million in illicit funds. Interpol announced it had conducted raids at 1,700 locations over two months, seizing $50 million in fraudulently gained proceeds and arresting 2,000 people, which it described as "operators, fraudsters and money launderers" as part of its crackdown on social engineering and business email compromise (BEC)…

InfoSec News Nuggets 06/17/2022

Facebook, Twitter, TikTok, Google and others agree to new EU rules to fight disinformation Tech companies operating some of the world’s biggest online platforms — including Facebook-owner Meta, Microsoft, Google, Twitter, Twitch, and TikTok — have signed up to a new EU rulebook for tackling online disinformation. These firms and others will have to make greater efforts to halt the spread of fake news and propaganda on their platforms, as well as share more granular data on their work…

InfoSec News Nuggets 06/16/2022

Bluetooth Signals Can Be Used to Track Smartphones, Say Researchers Researchers warn Bluetooth signals can be used to track device owners via a unique fingerprinting of the radio signal. The technique was described in a paper presented at the IEEE Security and Privacy conference last month by researchers at the University of California San Diego. The paper suggests that minor manufacturing imperfections in hardware are unique with each device, and cause measurable distortions which can be used as…

InfoSec News Nuggets 06/15/2022

Top cyber official says transformation needed in cyberspace National Cyber Director Chris Inglis said Monday that the administration and federal agencies should prioritize transforming the way they approach and invest in cybersecurity, as previous efforts have “not worked.” Inglis was speaking at a cyber summit hosted by the Information Technology Industry Council on ways the public and private sector can combat cyber threats. “I think that everything else that we have tried, as nobly intended, has not worked,”…

InfoSec News Nuggets 06/14/2022

Roblox Game Pass store used to sell ransomware decryptor A new ransomware is taking the unusual approach of selling its decryptor on the Roblox gaming platform using the service's in-game Robux currency. Roblox is an online kids gaming platform where members can create their own games and monetize them by selling Game Passes, which provide in-game items, special access, or enhanced features. To pay for these Game Passes, members must purchase them using an in-game…

InfoSec News Nuggets 06/10/2022

Researchers Detail How Cyber Criminals Target Cryptocurrency Users Cybercriminals are impersonating popular crypto platforms such as Binance, Celo, and Trust Wallet with spoofed emails and fake login pages in an attempt to steal login details and deceptively transfer virtual funds. "As cryptocurrency and non-fungible tokens (NFTs) become more mainstream, and capture headlines for their volatility, there is a greater likelihood of more individuals falling victim to fraud attempting to exploit people for digital currencies," Proofpoint said in…

InfoSec News Nuggets 06/09/2022

Microsoft seizes 41 domains tied to 'Iranian phishing ring' Microsoft has obtained a court order to seize 41 domains used by what the Windows giant said was an Iranian cybercrime group that ran a spear-phishing operation targeting organizations in the US, Middle East, and India. The Microsoft Digital Crimes Unit said the gang, dubbed Bohrium, took a particular interest in those working in technology, transportation, government, and education sectors: its members would pretend to be job…

InfoSec News Nuggets 06/08/2022

U.S. Government Ordered Travel Companies To Spy On Russian Hacker For Years And Report His Whereabouts Every Week In 2015, the U.S. Secret Service was on the hunt for Aleksei Burkov, an infamous Russian hacker suspected of facilitating the theft of $20 million from stolen credit cards on the Cardplanet website. The methods the agency used to pursue him, revealed for the first time as a result of a Forbes legal challenge, show how the U.S. government was able…

InfoSec News Nuggets 06/07/2022

100 days of war in Ukraine: How the conflict is playing out in cyberspace On January 14th this year, a raid by Russian law enforcement authorities made headlines all over the world, as it resulted in the arrests of 14 members of the infamous Sodinokibi/REvil ransomware gang. The crackdown came after a series of talks between U.S. and Russian officials, including June’s Geneva meeting between Presidents Biden and Putin. The Russian intelligence agency, FSB, confirmed that “the individual responsible for…

InfoSec News Nuggets 06/06/2022

Evil Corp affiliates are using off-the-shelf ransomware to evade sanctions Hackers likely affiliated with the notorious Russian cybercrime group Evil Corp are using off-the-shelf ransomware to evade U.S. sanctions, researchers at security firm Mandiant have found. The researchers’ observations, published Thursday, are just the latest example of how cybercriminals affiliated with Evil Corp have shifted tactics after U.S. sanctions in 2019 increased scrutiny over transactions with the group. The group, which had already started pivoting…

InfoSec News Nuggets 06/03/2022

Hackers steal WhatsApp accounts using call forwarding trick There’s a trick that allows attackers to hijack a victim’s WhatsApp account and gain access to personal messages and contact list. The method relies on the mobile carriers’ automated service to forward calls to a different phone number, and WhatsApp’s option to send a one-time password (OTP) verification code via voice call. Rahul Sasi, the founder and CEO of digital risk protection company CloudSEK, posted some details…