InfoSec News Nuggets 12/02/2024

Police bust pirate streaming service making €250 million per month An international law enforcement operation has dismantled a pirate streaming service that served over 22 million users worldwide and made €250 million ($263M) per month. Italy's Postal and Cybersecurity Police Service announced the action, codenamed "Taken Down," stating they worked with Eurojust, Europol, and many other European countries, making this the largest takedown of its kind in Italy and internationally. "More than 270 Postal Police officers, in…

InfoSec News Nuggets 11/27/2024

US government agencies told to patch these critical security flaws or face attack The US Cybersecurity and Infrastructure Security Agency (CISA) has added a new critical vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning federal agencies they have a three-week deadline to apply the available patch, or stop using the affected software altogether. The agency added a missing authentication vulnerability to KEV tracked under CVE-2023-28461, which has a severity score of 9.8, and allows…

InfoSec News Nuggets 11/26/2024

7-Zip affected by dangerous vulnerability: users must update the app manually The popular file compression program 7-Zip is currently affected by a high-severity vulnerability that allows attackers to execute code on the victim’s machines, Trend Micro’s Zero Day Initiative (ZDI) has disclosed. The flaw has a severity score of 7.8 out of 10, and it affects all 7-Zip versions prior to 24.07. It was released on June 19th, 2024, and the current version is 24.08.…

InfoSec News Nuggets 11/25/2024

Now Online Safety Act is law, UK has 'priorities' – but still won't explain 'spy clause' The UK government has set out plans detailing how it will use the new law it has created to control online platforms and social media – with one telling exception. The Draft Statement of Strategic Priorities for online safety places an emphasis on platform providers preventing online harms in the first place, and collaborating with regulator Ofcom on how the new…

InfoSec News Nuggets 11/22/2024

Now Online Safety Act is law, UK has 'priorities' – but still won't explain 'spy clause' The UK government has set out plans detailing how it will use the new law it has created to control online platforms and social media – with one telling exception. The Draft Statement of Strategic Priorities for online safety places an emphasis on platform providers preventing online harms in the first place, and collaborating with regulator Ofcom on how the new…

InfoSec News Nuggets 11/21/2024

Fake Discount Sites Exploit Black Friday to Hijack Shopper Information A new phishing campaign is targeting e-commerce shoppers in Europe and the United States with bogus pages that mimic legitimate brands with the goal of stealing their personal information ahead of the Black Friday shopping season. "The campaign leveraged the heightened online shopping activity in November, the peak season for Black Friday discounts. The threat actor used fake discounted products as phishing lures to deceive…

InfoSec News Nuggets 11/20/2024

300 Drinking Water Systems in US Exposed to Disruptive, Damaging Hacker Attacks Over 300 drinking water systems that serve roughly 110 million people in the US are affected by vulnerabilities that could lead to service disruptions, a new report from the Environmental Protection Agency (EPA)’s Office of Inspector General (OIG) shows. A passive assessment of security defects in 1,062 drinking water systems that serve over 193 million individuals has revealed that a quarter of them…

InfoSec News Nuggets 11/19/2024

Porch pirates appear to be accessing AT&T data to track iPhone deliveries A new report today suggests that porch pirates – thieves who steal packages left on doorsteps shortly after delivery – have accessed tracking data from AT&T systems to follow iPhone deliveries. There has been a marked uptick in iPhones being stolen from doorsteps after being ordered from AT&T and delivered by Fedex, apparently with the help of real-time delivery updates.

Phobos Ransomware Administrator Extradited from South…

InfoSec News Nuggets 11/18/2024

Hackers now sending physical malicious letters, Swiss authorities warn Is there anything threat actors won’t do to gain initial access? Swiss authorities are warning about a new sophisticated cybersecurity threat – malicious counterfeit letters. Cyber bandits have launched a malicious campaign across Switzerland using counterfeit letters that appear to be from MeteoSwiss (the Federal Office of Meteorology and Climatology). The victims report that the letters contain a QR code asking recipients to download a new…

InfoSec News Nuggets 11/15/2024

Chinese national faces 20 years in US prison for laundering pig-butchering proceeds One of the ringleaders of a scheme to launder millions stolen through cryptocurrency investment scams pleaded guilty in a California courtroom on Tuesday. Daren Li, 41, faces up to 20 years in prison for taking part in an operation that laundered more than $73 million stolen from people duped by so-called “pig-butchering” scams. Pig butchering typically involves a scammer forming a relationship with a…

InfoSec News Nuggets 11/14/2024

Our heat map shows sectors with $7.1 trillion in debt face heightened cyber risk Cyber risk in the telecommunications, airlines, and power generation industries shifts to the highest level in our latest cyber heat map. Numerous other sectors, including manufacturing, education, medical products, mass transit, and ports, also show more acute risk than in our 2022 heat map, either due to rising exposure or weaker oversight than in other industries. Together, these sectors account for…

InfoSec News Nuggets 11/11/2024

FBI says hackers are sending fraudulent police data requests to tech giants to steal people’s private information  The FBI is warning that hackers are obtaining private user information — including emails and phone numbers — from U.S.-based tech companies by compromising government and police email addresses to submit “emergency” data requests. The FBI’s public notice filed this week is a rare admission from the federal government about the threat from fraudulent emergency data requests, a legal process designed…

InfoSec News Nuggets 11/08/2024

Roblox is banning kids from ‘social hangout’ spaces  Roblox is going to block kids from accessing certain types of experiences following reports alleging that the platform has enabled child abuse. One new measure will stop kids under 13 from accessing experiences with “certain types of interactive features,” Roblox says in a post on its developer forum. Those include “social hangouts,” where the primary purpose is to communicate with others over text or voice chat, and “free-form 2D…

InfoSec News Nuggets 11/07/2024

Warning: Hackers could take over your email account by stealing cookies, even if you have MFA  The Federal Bureau of Investigation (FBI) has issued a warning that cybercriminals are taking over email accounts via stolen session cookies, allowing them to bypass the multi-factor authentication (MFA) a user has set up. Here’s how it works. Most of us don’t think twice about checking the “Remember me” box when we log in. When you log in and the server has verified…

InfoSec News Nuggets 11/06/2024

Cisco notifies ‘limited set’ of customers after hacker accessed non-public files  Cisco said it has notified a limited set of customers about files that were accessed by a hacker during an incident announced in October. The tech giant has repeatedly denied that it suffered a breach but said on October 18 its investigation into the incident revealed that a threat actor downloaded data on a public-facing DevHub environment — a platform the company uses to make software code, scripts and…

InfoSec News Nuggets 11/05/2024

Chinese APTs Cash In on Years of Edge Device Attacks  Chinese threat actors are operating at a higher level today than ever before, thanks to years of trial-and-error-style attacks against mass numbers of edge devices. Networking devices are a known favorite of China's advanced persistent threats (APT), and why wouldn't they be? Sitting on the outer banks of an enterprise network, they not only allow threat actors a way in, they also double as useful nodes for…

InfoSec News Nuggets 11/04/2024

Microsoft Delays Windows Copilot+ Recall Release Over Privacy Concerns  Microsoft is further delaying the release of its controversial Recall feature for Windows Copilot+ PCs, stating it's taking the time to improve the experience. The development was first reported by The Verge. The artificial intelligence-powered tool was initially slated for a preview release starting in October. "We are committed to delivering a secure and trusted experience with Recall," the company said in an updated statement released Thursday. "To ensure we deliver on these…

InfoSec News Nuggets 10/31/2024

Security flaws found in all Nvidia GeForce GPUs. Update drivers ASAP! Graphics card manufacturer Nvidia is currently issuing a warning to all owners of GeForce GPUs. According to an , several security vulnerabilities requiring urgent attention have been discovered in the company’s own display drivers and other software. A total of eight vulnerabilities are listed, all of them with a “High” severity rating. If you have an Nvidia GeForce GPU, you need to act now.  …

InfoSec News Nuggets 10/30/2024

Meta is reportedly working on its own AI-powered search engine, too Meta is working on an AI-powered search engine to decrease its dependence on Google and Microsoft, according to a report from The Information. The search engine would reportedly provide AI-generated search summaries of current events within the Meta AI chatbot. The Meta AI bot built into Instagram and Facebook currently uses Google — whose parent company, Alphabet, will report quarterly earnings tomorrow — and Microsoft Bing…

InfoSec News Nuggets 10/29/2024

Study shows that LLMs could maliciously be used to poison biomedical knowledge graphs In recent years, medical researchers have devised various new techniques that can help them to organize and analyze large amounts of research data, uncovering links between different variables (e.g., diseases, drugs, proteins, etc.). One of these methods entails building so-called biomedical knowledge graphs (KGs), which are structured representations of biomedical datasets.

Throne’s toilet camera takes pictures of your poop Throne is an…

InfoSec News Nuggets 10/28/2024

Apple Intelligence bug bounty invites researchers to test its privacy claims Apple is inviting investigations into the Private Cloud Compute (PCC) system that powers more computationally intensive Apple Intelligence requests. The company is also expanding its bug bounty program to offer payouts of up to $1,000,000 for people who discover PCC vulnerabilities. The company has boasted about how many AI features (branded as Apple Intelligence) will run on-device without leaving your Mac, iPhone, or other Apple hardware.…

InfoSec News Nuggets 10/25/2024

Millions affected in major health data breach caused by a missing password Researchers from Cybernews have reported finding a huge database containing sensitive customer information from the Mexican healthcare sector left unprotected online. The team discovered a misconfigured Kibana instance with a “tremendous volume” of information, later attributed to eCaresoft, a software company behind two cloud-based Hospital Information Systems - Cirrus and Anytime. These platforms are used by more than 65 hospitals, 110 outpatient care centers, and…

InfoSec News Nuggets 10/24/2024

AI-Powered Attacks Flood Retail Websites Retailers experienced over half a million (569,884) AI-driven attacks per day according to a recent six-month analysis by cybersecurity firm Imperva. These attacks originate from AI tools like ChatGPT, Claude, and Gemini, alongside specialized bots that are designed to scrape websites for LLM training data. The Thales-owned firm observed a range of AI-driven threats, including bots, distributed denial of service (DDoS) attacks, API violations, and business logic abuse.

The Global Surveillance Free-for-All…

InfoSec News Nuggets 10/23/2024

Europe launches ‘gait recognition’ pilot program to monitor border crossings A European Commission-funded biometric “gait recognition” program to study how to more easily identify people crossing the European Union’s external borders by examining their unique walking styles kicked off Thursday. The initiative, dubbed the PopEye Project, is supported by a €3.2 million ($3.5 million) grant that covers a three-year pilot testing the technology, according to TechTransfer, a program at the Vrije Universiteit Brussels and a partner on…

InfoSec News Nuggets 10/22/2024

Bumblebee and Latrodectus Malware Return with Sophisticated Phishing Strategies  Two malware families that suffered setbacks in the aftermath of a coordinated law enforcement operation called Endgame have resurfaced as part of new phishing campaigns. Bumblebee and Latrodectus, which are both malware loaders, are designed to steal personal data, along with downloading and executing additional payloads onto compromised hosts. Tracked under the names BlackWidow, IceNova, Lotus, or Unidentified 111, Latrodectus, is also considered to be a successor to IcedID owing to infrastructure overlaps between the two…

InfoSec News Nuggets 10/21/2024

Password manager makers want to let you securely transfer passkeys The FIDO Alliance, the organization that’s helping shepherd passkey adoption, announced a draft of new specifications that would let users securely move their passkeys across different password managers. Passkeys are great — it’s nice to be able to log in to apps and websites without entering a password. But there hasn't been a standard protocol for transferring your passkeys across password managers. The new specifications, the Credential Exchange…

InfoSec News Nuggets 10/18/2024

From QR to compromise: The growing “quishing” threat Security professionals are always on the lookout for evolving threat techniques. The Sophos X-Ops team recently investigated phishing attacks targeting several of our employees, one of whom was tricked into giving up their information. The attackers used so-called quishing (a portmanteau of “QR code” and “phishing”). QR codes are a machine-readable encoding mechanism that can encapsulate a wide variety of information, from lines of text to binary…

InfoSec News Nuggets 10/17/2024

New CounterSEVeillance and TDXDown Attacks Target AMD and Intel TEEs Security researchers continue to find ways to attack Intel and AMD processors, and the chip giants over the past week have issued responses to separate research targeting their products. The research projects were aimed at Intel and AMD trusted execution environments (TEEs), which are designed to protect code and data by isolating the protected application or virtual machine (VM) from the operating system and other…

InfoSec News Nuggets 10/16/2024

Gmail Scam Alert: Hackers Spoof Google to Steal Credentials Boasting over 2.5 billion users worldwide, Gmail reigns as the most prevalent email service globally. Consequently, it comes as no surprise that this platform has become a focal point for malicious actors seeking to infiltrate accounts and pilfer sensitive data. Sam Mitrovic, an expert on Microsoft security products and the founder of CloudJoy, a Power Platform consultancy, recently sounded the alarm regarding an exceptionally sophisticated, AI-augmented…

InfoSec News Nuggets 10/15/2024

Casio confirms customer data stolen in a ransomware attack Casio now confirms it suffered a ransomware attack earlier this month, warning that the personal and confidential data of employees, job candidates, and some customers was also stolen. The attack was disclosed Monday when Casio warned that it was facing system disruption and service outages due to unauthorized access to its networks during the weekend. Yesterday, the Underground ransomware group claimed responsibility for the attack, leaking various documents allegedly stolen…

InfoSec News Nuggets 10/14/2024

Lamborghini Carjackers Lured by $243M Cyberheist The parents of a 19-year-old Connecticut honors student accused of taking part in a $243 million cryptocurrency heist in August were carjacked a week later — while out house-hunting in a brand new Lamborghini. Prosecutors say the couple was beaten and briefly kidnapped by six young men who traveled from Florida as part of a botched plan to hold the parents for ransom. Late in the afternoon of Aug.…

InfoSec News Nuggets 10/09/2024

European govt air-gapped systems breached using custom malware  An APT hacking group known as GoldenJackal has successfully breached air-gapped government systems in Europe using two custom toolsets to steal sensitive data, like emails, encryption keys, images, archives, and documents. According to an ESET report, this happened at least two times, one against the embassy of a South Asian country in Belarus in September 2019 and again in July 2021, and another against a European government organization between May 2022…

InfoSec News Nuggets 10/08/2024

DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks  The US Department of Justice and Microsoft have seized 107 websites used by Russian cyberspies in a phishing campaign to steal sensitive information from US government agencies, think tanks, and other victims. Court orders targeted domains belonging to Russia's Callisto Group (aka Star Blizzard and Coldriver), a hacking unit of the Russian Federal Security Service (FSB) that has been attacking defense, intelligence, political…

InfoSec News Nuggets 10/04/2024

Iranians Accused of Hacking US Presidential Campaigns; $10 Million Offered for Info on their Location The Justice Department announced that three Iranian nationals and Islamic Revolutionary Guard Corps (IRGC) employees, at the same time, have been indicted for hacking accounts belonging to US officials, journalists, and individuals associated with US political campaigns. Several reports of hacks related to political campaigns have surfaced in recent months as unknown hackers breached various systems and networks, then stole…

InfoSec News Nuggets 10/03/2024

NCA unmasks man it suspects is both 'Evil Corp kingpin' and LockBit affiliate The latest installment of the National Crime Agency's (NCA) series of ransomware revelations from February's LockBit Leak Week emerges today as the agency identifies a man it not only believes is a member of the long-running Evil Corp crime group but also a LockBit affiliate. The NCA claimed Aleksandr Ryzhenkov is a high-ranking Evil Corp member – and also alleged he is the LockBit…

InfoSec News Nuggets 10/02/2024

If you're holding important data, Iran is probably trying spearphish it US and UK national security agencies are jointly warning about Iranian spearphishing campaigns, which remain an ongoing threat to various industries and governments. A security advisory published late on Friday says that high-value individuals are being targeted with social engineering attempts to harvest credentials for their personal accounts. If successful, the attackers rummage around whatever service they've gained access to in search of data…

InfoSec News Nuggets 10/01/2024

Senate bill pushes cyber mandates for medical industry in wake of Change Healthcare debacle Hospitals and other healthcare businesses would be required to adopt minimum cybersecurity standards and face annual audits under new legislation introduced by two prominent senators on Thursday. The Health Infrastructure Security and Accountability Act, announced by Sens. Ron Wyden (D-OR) and Mark Warner (D-VA), would  provide $1.3 billion for the Department of Health and Human Services (HHS) to support hospitals and create…

InfoSec News Nuggets 9/30/2024

Microsoft: Windows Recall now can be removed, is more secure Microsoft has announced security and privacy upgrades to its AI-powered Windows Recall feature, which now can be removed and has stronger default protection for user data and tighter access controls. Today's announcement comes in response to customer pushback requesting stronger default data privacy and security protections, which prompted the company to delay its public release by making it first available for preview with Windows Insiders. Redmond also…

InfoSec News Nuggets 9/27/2024

US sanctions crypto exchanges used by Russian ransomware gangs The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned Cryptex and PM2BTC, two cryptocurrency exchanges that laundered funds from Russian ransomware gangs and other cybercrime groups. Cryptex (which used the cryptex[.]net domain) reportedly provides financial services to cybercriminals and laundered over $51 million in funds linked to ransomware attacks. "Cryptex is also associated with over $720 million in transactions to services frequently used…

InfoSec News Nuggets 9/26/2024

Hacker plants false memories in ChatGPT to steal user data in perpetuity When security researcher Johann Rehberger recently reported a vulnerability in ChatGPT that allowed attackers to store false information and malicious instructions in a user’s long-term memory settings, OpenAI summarily closed the inquiry, labeling the flaw a safety issue, not, technically speaking, a security concern. So Rehberger did what all good researchers do: He created a proof-of-concept exploit that used the vulnerability to exfiltrate…

InfoSec News Nuggets 9/25/2024

'Cybersecurity issue' takes MoneyGram offline for three days – and counting A "cybersecurity issue" has shut down MoneyGram's systems and payment services since Friday, and the fintech leader has yet to update customers as to when it expects to have its global money transfer services back up and running. The downed services reportedly include in-person payments as well as online transactions. The Register has asked Texas-based MoneyGram for comment and will update this story if and when we receive…

InfoSec News Nuggets 9/24/2024

Microsoft ends development of Windows Server Update Services (WSUS) Microsoft has officially announced that Windows Server Update Services (WSUS) is now deprecated, but plans to maintain current functionality and continue publishing updates through the channel. This move isn't surprising, as Microsoft first listed WSUS as one of the "features removed or no longer developed starting with Windows Server 2025" on August 13. In June, the company also revealed that it would also soon deprecate WSUS driver synchronization.…

InfoSec News Nuggets 9/23/2024

Hacker Claims “Minor” Data Breach at DELL; Leaks Over 10,000 Employee Details A hacker claims Dell suffered a “minor” breach, exposing over 10,000 employee records. The incident raises cybersecurity concerns amid ongoing threats targeting businesses by tricking employees into phishing and phone call scams. A hacker using the alias “grep” claims that the technology giant Dell has experienced a “minor” data breach, resulting in the theft of over ten thousand (10,863) employee records. This information…

InfoSec News Nuggets 9/20/2024

Walmart customers scammed via fake shopping lists, threatened with arrest Shopping online or attempting to get in touch with a store is a little bit like walking on a minefield: you might get lucky or take a wrong step and get scammed. Case in point, a malicious ad campaign is abusing Walmart Lists, a kind of virtual shopping list customers can share with family and friends, by embedding rogue customer service phone numbers with the appearance…

InfoSec News Nuggets 9/19/2024

Chinese spies spent months inside aerospace engineering firm's network via legacy IT Chinese state-sponsored spies have been spotted inside a global engineering firm's network, having gained initial entry using an admin portal's default credentials on an IBM AIX server. In an exclusive interview with The Register, Binary Defense's Director of Security Research John Dwyer said the cyber snoops first compromised one of the victim's three unmanaged AIX servers in March, and remained inside the US-headquartered manufacturer's…

InfoSec News Nuggets 9/18/2024

Concealed networks: Are dark web syndicates turning to social media for cybercrime? If you envision the dark web as a shadowy realm where cybercriminals orchestrate nefarious activities under the cover of anonymity, you’re not far from the truth. However, the dark web isn’t just as unreachable as you’d think—you likely interact with it more often than you realize. Given this reality, both businesses and individuals must ask: What are the chances that your sensitive, confidential…

InfoSec News Nuggets 9/17/2024

Port of Seattle confirmed that Rhysida ransomware gang was behind the August attack In August, a cyber attack hit the Port of Seattle, which also operates the Seattle-Tacoma International Airport, websites and phone systems were impacted. Media reported that the Port of Seattle, which also operates the Seattle-Tacoma International Airport, suffered a cyber attack that impacted the websites, email and phone services. According to The Seattle Times, the cyber attack disrupted travel plans. “A spokesperson…

InfoSec News Nuggets 9/16/2024

Scammers advertise fake AppleCare+ service via GitHub repos We’ve uncovered a malicious campaign going after Mac users looking for support or extended warranty from Apple via the AppleCare+ support plans. The perpetrators are buying Google ads to lure in their victims and redirect them to bogus pages hosted on GitHub, the developer and code repository platform owned by Microsoft. The goal of this scam is to get unsuspecting people on the phone with someone pretending to…

InfoSec News Nuggets 9/13/2024

Fortinet confirms data breach after hacker claims to steal 440GB of files Cybersecurity giant Fortinet has confirmed it suffered a data breach after a threat actor claimed to steal 440GB of files from the company's Microsoft Sharepoint server. Fortinet is one of the largest cybersecurity companies in the world, selling secure networking products like firewalls, routers, and VPN devices. The company also offers SIEM, network management, and EDR/XDR solutions, as well as consulting services. Early this…

InfoSec News Nuggets 9/12/2024

Utah social media law requiring age verification blocked by judge A federal judge halted a Utah child safety law requiring social platforms to verify the ages of their users. In an order on Tuesday, Judge Robert J. Shelby issued a preliminary injunction in favor of NetChoice, saying the law likely violates the First Amendment. NetChoice, the technology trade association that includes Meta, Snap, Google, and X, sued the state to block the law in December 2023, alleging it “violates the…