InfoSec News Nuggets 2/1/2024

Two More Individuals Charged for DraftKings Hacking  Two more individuals have been indicted for their role in a credential stuffing attack resulting in unauthorized access to thousands of user accounts at a fantasy sports and betting website. The individuals, Nathan Austad, 19, of Farmington, Minnesota, and Kamerin Stokes, 21, of Memphis, Tennessee, allegedly participated in compromising the accounts using usernames and passwords obtained from other data breaches, and attempted to sell access to the accounts. A third…

InfoSec News Nuggets 1/31/2024

Microsoft stole my Chrome tabs, and it wants yours, too  Last week, I turned on my PC, installed a Windows update, and rebooted to find Microsoft Edge automatically open with the Chrome tabs I was working on before the update. I don’t use Microsoft Edge regularly, and I have Google Chrome set as my default browser. Bleary-eyed at 9AM, it took me a moment to realize that Microsoft Edge had simply taken over where I’d…

InfoSec News Nuggets 1/30/2024

DHS employees jailed for stealing data of 200K U.S. govt workers  Three former Department of Homeland Security (DHS) employees were sentenced to prison for stealing proprietary U.S. government software and databases containing the personal data of 200,000 federal employees. The three individuals are Charles K. Edwards, a former Acting Inspector General of the DHS Office of Inspector General (DHS-OIG), sentenced to 1.5 years in prison; Sonal Patel, a member of the department IT staff, sentenced…

InfoSec News Nuggets 1/29/2024

Akira ransomware gang says it stole passport scans from Lush in 110 GB data heist  The Akira ransomware gang is claiming responsibility for the "cybersecurity incident" at British bath bomb merchant Lush. Akira says it has stolen 110 GB of data from the UK-headquartered global cosmetics giant, which has more than 900 stores worldwide, allegedly including "a lot of personal documents" such as passport scans. Passport scans are routinely collected to verify identities during the course of the hiring process,…

InfoSec News Nuggets 1/26/2024

Meta announces steps to protect teens from unwanted contact on Instagram and Facebook  On Thursday (Jan. 25), Meta detailed a few new ways parents can better safeguard their teens on Instagram and Facebook. Adam Mosseri, Head of Instagram, shared a quick video on the platform explaining that a new set of "stricter messaging" settings are arriving. These settings for children under 16 and under 18 in other regions will help parents ensure they don't receive…

InfoSec News Nuggets 1/25/2024

News media, foreign affairs experts are targets of North Korean group’s latest campaign  North Korean state hackers are targeting media organizations and high-profile academics in a new espionage campaign, according to a new report released this week. The goal of these attacks, attributed by researchers at SentinelLabs to a hacker group known as ScarCruft or APT37, is to “gather strategic intelligence” that can “contribute to North Korea’s decision-making processes.” ScarCruft is a suspected North Korean state-sponsored group with a history of attacks…

InfoSec News Nuggets 1/24/2024

Jason’s Deli says customer data exposed in credential stuffing attack  Jason's Deli is warning of a data breach in notifications sent to customers of its online platform stating that their personal data was exposed in credential stuffing attacks. Jason's Deli is an American restaurant chain with 246 branches in 29 states, employing over 6,000 people and having an annual revenue of over $400 million. In a data breach notification sent to customers, Jason's Deli says hackers obtained…

InfoSec News Nuggets 1/23/2024

Five ripped off IT giant with $7M+ in bogus work expenses, prosecutors claim  Five people have been accused of pulling off a "brazen" scam that involved submitting more than $7 million in fake work expense claims to an IT consultancy to bankroll hotel stays, a cruise, visits to strip clubs, and more. Mark Angarola, Allison Angarola, Jose Garcia, Michelle Cox, and Lisa Mincak were all arrested and charged in the US with one count each of wire fraud…

InfoSec News Nuggets 1/22/2024

Vans, Supreme owner VF Corp says hackers stole 35 million customers’ personal data  VF Corp., the parent company of the popular apparel brands Vans, Supreme, and The North Face, said Thursday that hackers stole the personal data of 35.5 million customers in a December cyberattack. The Denver, Colorado-based company reported the data breach to regulators in a filing on Thursday. The filing did not say specifically what kinds of personal data was taken, or if the…

InfoSec News Nuggets 1/19/2024

New UEFI vulnerabilities send firmware devs industry wide scrambling  UEFI firmware from five of the leading suppliers contains vulnerabilities that allow attackers with a toehold in a user's network to infect connected devices with malware that runs at the firmware level. The vulnerabilities, which collectively have been dubbed PixieFail by the researchers who discovered them, pose a threat mostly to public and private data centers and possibly other enterprise settings. People with even minimal access to such a network—say a…

InfoSec News Nuggets 1/18/2024

OpenAI must defend ChatGPT fabrications after failing to defeat libel suit  OpenAI may finally have to answer for ChatGPT's "hallucinations" in court after a Georgia judge recently ruled against the tech company's motion to dismiss a radio host's defamation suit. OpenAI had argued that ChatGPT's output cannot be considered libel, partly because the chatbot output cannot be considered a "publication," which is a key element of a defamation claim. In its motion to dismiss, OpenAI also…

InfoSec News Nuggets 1/17/2024

Cloud Vendor Returns Stolen Hospital Data  A cloud services firm has turned over to a New York hospital alliance the patient data stolen in an August ransomware attack by the notorious LockBit gang. The hospital group - North Star Health Alliance - had filed a lawsuit against LockBit in November as a legal maneuver to force the storage firm to return the patient data the cybercriminals had exfiltrated from the hospitals and stashed on the Massachusetts vendor's servers.   …

InfoSec News Nuggets 1/16/2024

Juniper warns of critical RCE bug in its firewalls and switches Juniper Networks has released security updates to fix a critical pre-auth remote code execution (RCE) vulnerability in its SRX Series firewalls and EX Series switches. Found in the devices' J-Web configuration interfaces and tracked as CVE-2024-21591, this critical security flaw can also be exploited by unauthenticated threat actors to get root privileges or launch denial-of-service (DoS) attacks against unpatched devices. "This issue is caused…

InfoSec News Nuggets 1/12/2024

Framework discloses data breach after accountant gets phished  Framework Computer disclosed a data breach exposing the personal information of an undisclosed number of customers after Keating Consulting Group, its accounting service provider, fell victim to a phishing attack. The California-based manufacturer of upgradeable and modular laptops says a Keating Consulting accountant was tricked on January 11 by a threat actor impersonating Framework's CEO into sharing a spreadsheet containing customers' personally identifiable information (PII) "associated with outstanding…

InfoSec News Nuggets 1/11/2024

Here’s Some Bitcoin: Oh, and You’ve Been Served!  A California man who lost $100,000 in a 2021 SIM-swapping attack is suing the unknown holder of a cryptocurrency wallet that harbors his stolen funds. The case is thought to be first in which a federal court has recognized the use of information included in a bitcoin transaction — such as a link to a civil claim filed in federal court — as reasonably likely to provide…

InfoSec News Nuggets 1/10/2024

Fidelity National Financial says hackers stole data on 1.3 million customers  Real estate services giant Fidelity National Financial has confirmed hackers stole data on 1.3 million of its customers during a November cyberattack that knocked the company offline for a week. FNF said in a filing Tuesday with federal regulators: “We determined that an unauthorized third-party accessed certain FNF systems, deployed a type of malware that is not self-propagating, and exfiltrated certain data.” The company said…

InfoSec News Nuggets 1/9/2024

Supreme Court rejects decade-old Twitter First Amendment case  The Supreme Court has declined a long-running legal challenge from X Corp., formerly Twitter, over whether it can publicly reveal US government demands for user data. X Corp. v. Garland was on a list of denied petitions released this morning. That leaves X with a March 2023 ruling that the First Amendment doesn’t protect Twitter from limits on reporting national security demands — a ruling civil liberties…

InfoSec News Nuggets 1/8/2024

AI chatbots trained to jailbreak other chatbots, as the AI war slowly but surely begins  While AI ethics continues to be the hot-button issue of the moment, and companies and world governments continue to wrangle with the moral implications of a technology that we often struggle to define let alone control, here comes some slightly disheartening news: AI chatbots are already being trained to jailbreak other chatbots, and they seem remarkably good at it.   …

InfoSec News Nuggets 1/5/2024

How to protect your child on their new phone  Your child might want to use their brand-new phone to get online immediately, but as a parent, you need to make sure that they're protected against cyber threats. To make sure that your child’s personal details do not fall into the wrong hands and their device isn't ravaged by viruses and malware, you can install protective software like a VPN, an antivirus, and/or a password manager…

InfoSec News Nuggets 1/4/2024

Hacked Mandiant X Account Abused for Cryptocurrency Theft  Mandiant’s account on the social media platform X, formerly Twitter, was hacked on Wednesday and abused to lure users to a website designed to steal cryptocurrency from victims. The account of Mandiant, which is part of Google Cloud, was renamed to ‘Phantom’ and its profile image and description were updated to appear affiliated with the legitimate Phantom cryptocurrency wallet. Messages posted on the hijacked account promoted a website…

InfoSec News Nuggets 1/3/2024

Teen Found Alive After “Cyber-Kidnapping” Incident  A Chinese foreign exchange student has been found alive and well by Utah police after being caught up in what authorities are claiming to be a “cyber-kidnapping” case. Kai Zhuang, 17, was reported on December 28 by his parents in China as having been kidnapped, according to ABC4 Utah. They had apparently received a ransom photo of Zhuang and subsequently sent the extortionists $80,000. Police later found him “alive but very…

InfoSec News Nuggets 1/2/2024

Malware Leveraging Google Cookie Exploit via OAuth2 Functionality   CloudSEK’s threat research team has reported a critical exploit affecting Google services, allowing threat actors to generate Google cookies continuously while ensuring continuous access to Google services even after a user performs a password reset. In a technical report, CloudSEK shared details of the exploit. On October 20, 2023, CloudSEK’s AI digital risk platform XVigil discovered that on the Telegram channel, a developer/threat actor PRISMA had released a 0-day solution to address issues with incoming…

InfoSec News Nuggets 12/29/2023

iPhone Triangulation attack abused undocumented hardware feature  The Operation Triangulation spyware attacks targeting iPhone devices since 2019 leveraged undocumented features in Apple chips to bypass hardware-based security protections. This finding comes from Kaspersky analysts who have been reverse-engineering the complex attack chain over the past year, trying to unearth all details that underpin the campaign they originally discovered in June 2023. The discovery and use of obscure hardware features likely reserved for debugging and factory testing to…

InfoSec News Nuggets 12/27/2023

RingGo, ParkMobile Owner EasyPark Suffers Data Breach, User Data Stolen  A data breach has compromised the information of thousands of EasyPark Group customers in Europe. EasyPark Group, Europe’s largest parking app operator, which includes RingGo and ParkMobile, discovered the breach on December 10th, 2023, and promptly informed the affected customers. The company reported the cyber attack to regulatory authorities, including the EU’s privacy regulator, Sweden’s Information Commissioner’s Office, the UK’s Information Commissioner’s Office, and the Swiss data regulator.    CBS, Paramount owner National Amusements…

InfoSec News Nuggets 12/26/2023

Mint Mobile discloses new data breach exposing customer data  Mint Mobile has disclosed a new data breach that exposed the personal information of its customers, including data that can be used to perform SIM swap attacks. Mint is a mobile virtual network operator (MVNO) owned by T-Mobile, offering budget, pre-paid mobile plans. The company began notifying customers on December 22nd via emails titled "Important information regarding your account," stating that they suffered a security incident and a…

InfoSec News Nuggets 12/22/2023

Four in five Apache Struts 2 downloads are for versions featuring critical flaw  Security vendor Sonatype believes developers are failing to address the critical remote code execution (RCE) vulnerability in the Apache Struts 2 framework, based on recent downloads of the code. The vulnerability, tracked as CVE-2023-50164, is rated 9.8 out of 10 in terms of CVSS severity. It is a logic bug in the framework's file upload feature: if an application uses Struts 2 to allow users…

InfoSec News Nuggets 12/21/2023

UK Supreme Court rules AI is not an inventor  The UK Supreme Court ruled that AI cannot get patents, declaring it cannot be named as an inventor of new products because the law considers only humans or companies to be creators. The court unanimously denied a petition from Stephen Thaler, founder of the AI system DABUS, to name his AI as an inventor. The UK’s decision aligns with a similar decision made against Thaler in the…

InfoSec News Nuggets 12/20/2023

Major apparel supplier behind North Face and Vans hit by cyberattack, disrupting its holiday fulfillments  VF Corporation reported in a Securities and Exchange Commission filing on Monday that it had been hit by a cyberattack. The company owns a slew of apparel brands, including Vans, North Face, Timberland, Dickies and more — and it warns the disruption could affect your holiday shopping. VF first noticed "unauthorized occurrences" on its IT systems on December 13, it said…

InfoSec News Nuggets 12/19/2023

Xfinity discloses data breach affecting over 35 million people  Comcast Cable Communications, doing business as Xfinity, disclosed on Monday that attackers who breached one of its Citrix servers in October also stole customer-sensitive information from its systems. On October 25, roughly two weeks after Citrix released security updates to address a critical vulnerability now known as Citrix Bleed and tracked as CVE-2023-4966, the telecommunications company found evidence of malicious activity on its network between October 16 and October 19. …

InfoSec News Nuggets 12/18/2023

3CX warns customers to disable SQL database integrations  VoIP communications company 3CX warned customers today to disable SQL Database integrations because of risks posed by what it describes as a potential vulnerability. Although the security advisory released today lacks any specific information regarding the issue, it advises customers to take preventive measures by disabling their MongoDB, MsSQL, MySQL, and PostgreSQL database integrations. "If you're using an SQL Database integration it's subject potentially to a vulnerability - depending upon…

InfoSec News Nuggets 12/15/2023

How worried should we be about the “AutoSpill” credential leak in Android password managers?  By now, you’ve probably heard about a vulnerability named AutoSpill, which can leak credentials from any of the seven leading password managers for Android. The threat it poses is real, but it’s also more limited and easier to contain than much of the coverage to date has recognized. This FAQ dives into the many nuances that make AutoSpill hard for most people (yours truly included)…

InfoSec News Nuggets 12/14/2023

CVS, Rite Aid, Walgreens hand out medical records to cops without warrants  All of the big pharmacy chains in the US hand over sensitive medical records to law enforcement without a warrant—and some will do so without even running the requests by a legal professional, according to a congressional investigation. The revelation raises grave medical privacy concerns, particularly in a post-Dobbs era in which many states are working to criminalize reproductive health care. Even if…

InfoSec News Nuggets 12/13/2023

Recruiters, beware of cybercrooks posing as job applicants!  Recruiters are being targeted via spear-phishing emails sent by cybercrooks impersonating job applicants, Proofpoint researchers are warning. “The tone and content of the emails suggest to the recipient the actor is a legitimate candidate, and because the actor specifically targets people who are involved in recruiting and hiring, the emails do not immediately seem suspicious,” they noted.     Northern Ireland cops count human cost of August data…

InfoSec News Nuggets 12/12/2023

Police Arrest Hundreds of Human Traffickers Linked to Cyber Fraud  Interpol has repeated warnings that human traffickers are fueling an online fraud epidemic in South East Asia and beyond, after revealing details of more arrests made during a recent operation. Operation Storm Makers II involved law enforcers from 27 countries in Asia, as well as Africa, the Middle East and South America. It led to the arrest of 281 individuals on suspicion of human trafficking, passport…

InfoSec News Nuggets 12/11/2023

Google admits AI viral video was edited to look better  A video showcasing the capabilities of Google's artificial intelligence (AI) model which seemed too good to be true might just be that. The Gemini demo, which has 1.6m views on YouTube, shows a remarkable back-and-forth where an AI responds in real time to spoken-word prompts and video. In the video's description, Google said all was not as it seemed - it had sped up responses…

InfoSec News Nuggets 12/08/2023

Indian Court Orders Reuters To Take Down Investigative Report Regarding A ‘Hack-For-Hire’ Company Over the years we’ve written about plenty of “cyberespionage” companies. Some engage in spyware or surveillance ware. Others actively hack devices. Almost all of these eventually get exposed through dogged investigative reporting. A few people reached out to point to this rather concerning Editor’s note that was posted to Reuters this week: Reuters has temporarily removed the article “How an Indian startup…

InfoSec News Nuggets 12/07/2023

Nissan is investigating cyberattack and potential data breach  Japanese car maker Nissan is investigating a cyberattack that targeted its systems in Australia and New Zealand, which may have let hackers access personal information. Details of the attack have not been published but the company informed customers of its Nissan Oceania division of a potential data breach, warning them that there is a risk of scams in the upcoming days. Nissan Oceania is a regional division of…

InfoSec News Nuggets 12/06/2023

Meta and IBM launch ‘AI Alliance’ to promote open-source AI development  Facebook’s parent company, Meta, and IBM on Tuesday launched a new group called the AI Alliance advocating for an “open-science” approach to AI development that puts them at odds with rivals Google, Microsoft and ChatGPT-maker OpenAI. These two diverging camps – the open and the closed – disagree about whether to build AI in a way that makes the underlying technology widely accessible. Safety is…

InfoSec News Nuggets 12/05/2023

US Lawmakers Want to Use a Powerful Spy Tool on Immigrants and Their Families Americans with family overseas who hope to visit the United States may soon face an increased risk of being surveilled by their own government. Support in Congress is growing for intensified vetting procedures at the US border, which would see immigrants and foreign visitors subjected to the same levels of scrutiny as suspected terrorists and spies. A bill introduced last week…

InfoSec News Nuggets 12/04/2023

EU Council president proposes ‘European cyber force’ with ‘offensive capabilities’ Charles Michel, the president of the European Council — the EU body that sets the bloc’s political direction — proposed on Thursday the creation of “a European cyber force … equipped with offensive capabilities.” “The sensitive issue of chain of command would need to be addressed,” he acknowledged at the annual conference for the European Defence Agency (EDA). The Council President’s spokesperson was unable to…

InfoSec News Nuggets 12/01/2023

Suspected China-based hackers target Uzbekistan gov’t, South Koreans, Cisco says  Hackers believed to be based in China are targeting the Uzbekistan Ministry of Foreign Affairs, as well as people in South Korea, with a strain of malware called SugarGh0st, according to a new report. Cisco published a blog on Thursday spotlighting the malware — which they believe is a variant of Gh0st RAT, an infamous tool used for more than a decade by a range…

InfoSec News Nuggets 11/30/2023

Zero-day vulnerability in Google Chrome, statement issued by Google  Google has released an emergency security update to address a critical zero-day vulnerability in its Chrome web browser. The vulnerability, CVE-2023-6345, stems from an integer overflow weakness within the Skia open-source 2D graphics library. The vulnerability could allow attackers to execute arbitrary code on affected systems, potentially taking control of devices or stealing personal information revealed by BleepingComputer.     US lawmakers have Chinese LiDAR on their threat-detection radar  A…

InfoSec News Nuggets 11/29/2023

Cybercriminals Hesitant About Using Generative AI  Cybercriminals are so far reluctant to use generative AI to launch attacks, according to new research by Sophos. Examining four prominent dark-web forums for discussions related to large language models (LLMs), the firm found that threat actors showed little interest in using these tools, and even expressed concerns about the wider risks they pose. In two of the forums included in the research, just 100 posts on AI were found.…

InfoSec News Nuggets 11/28/2023

Ukraine claims cyber operation against Russian aviation agency  Ukraine's defense intelligence directorate has claimed it carried out a successful cyber operation against the Russian government’s civil aviation agency, also known as Rosaviatsia. The agency reported November 23 that as a result of the hack, it obtained “a large volume of confidential documents,” including a list of daily reports from Rosaviatsia spanning more than a year and a half. The agency didn't reveal any technical details of what it called a…

InfoSec News Nuggets 11/27/2023

Canada’s privacy watchdog investigating hack affecting military and RCMP personnel  The Privacy Commissioner of Canada is investigating a cyberattack that compromised data on current and former members of the country’s armed forces and the Royal Canadian Mounted Police (RCMP). Two affiliated companies, Brookfield Global Relocation Services (BGRS) and Sirva Canada LP, informed the Canadian government of the breach in October. The companies have been contracted by the Canadian government to provide relocation services for personnel since 1995,…

InfoSec News Nuggets 11/24/2023

PSA: Watch out for these fake Safari and Chrome updates infecting Macs with AMOS  A powerful new malware launched in early 2023 called Atomic macOS Stealer (AMOS) targets Apple users and has become a growing threat. Now, with the latest iteration of the malware, malicious parties are planting AMOS inside fake Safari and Chrome browser updates for Mac. We’ll cover how it works and how to avoid this threat. As a refresher, AMOS is a powerful piece of…

InfoSec News Nuggets 11/22/2023

Cybersecurity firm executive pleads guilty to hacking hospitals The former chief operating officer of a cybersecurity company has pleaded guilty to hacking two hospitals, part of the Gwinnett Medical Center (GMC), in June 2021 to boost his company's business. Vikas Singla, who worked for Securolytics, a network security company that provided services to the healthcare industry, pleaded guilty to hacking into the systems of GMC Northside Hospital hospitals in Duluth and Lawrenceville, as prosecutors said…

InfoSec News Nuggets 11/21/2023

Two top Ukrainian cyber officials dismissed amid embezzlement probe  Two high-ranking cybersecurity officials in Ukraine were dismissed on Monday, according to a senior government official, amid an investigation into suspected embezzlement of state funds. Yurii Shchyhol, the head of Ukraine’s State Service for Special Communications and Information Protection (SSSCIP), said in a statement that he submitted his resignation from the post early this morning. “I am confident that I will be able to prove my innocence during an…

InfoSec News Nuggets 11/20/2023

U.S. Cybersecurity Agencies Warn of Scattered Spider's Gen Z Cybercrime Ecosystem  U.S. cybersecurity and intelligence agencies have released a joint advisory about a cybercriminal group known as Scattered Spider that's known to employ sophisticated phishing tactics to infiltrate targets. "Scattered Spider threat actors typically engage in data theft for extortion using multiple social engineering techniques and have recently leveraged BlackCat/ALPHV ransomware alongside their usual TTPs," the agencies said. The threat actor, also tracked under the monikers Muddled Libra,…

InfoSec News Nuggets 11/17/2023

Samsung Data Breach: Hackers Steal Data of UK Customers  Samsung has notified its customers in the United Kingdom that a data breach has exposed the personal information of thousands of individuals. The breach impacted customers who made purchases on the company’s UK online store between July 1, 2019, and June 30, 2020. The company discovered the breach on November 13, 2023, and determined that an unauthorized individual exploited a vulnerability in a third-party business application to…