AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 01/04/2023

Google to Pay Indiana $20 Million to Resolve Privacy Suit

Google will pay Indiana $20 million to resolve the state’s lawsuit against the technology giant over allegedly deceptive location tracking practices, state Attorney General Todd Rokita announced. Rokitas filed a separate lawsuit against Google when negotiations between the company and a coalition of state attorneys general stalled, he said. Those states agreed to a $391.5 million settlement with the company in November. As a result of the separate lawsuit, Indiana received about twice as much money as it would have under the deal with the 40 states in the coalition, Rokita said in his announcement Thursday. “This settlement is another manifestation of our steadfast commitment to protect Hoosiers from Big Tech’s intrusive schemes,” Rokita said.

Are Meta and Twitter Ushering in a New Age of Insider Threats?

Most of the attention paid to cybersecurity by practitioners and the general public alike is to threats that are external, such as attackers and scammers acting individually or as part of a larger organization. But a pair of stories this month alleging insider abuse at Meta and Twitter have served as harsh reminders that sometimes the call is coming from inside the house. Reportedly, employees at both companies have recently used internal workarounds or private channels to sell access to platforms and verification, in some instances for bribes, creating a precarious and unmoderated black market for people who have already been denied re-entry to the platforms by official mechanisms. 

Can these researchers help defend satellite systems targeted by hackers?

When hackers attacked a satellite internet provider in Europe on the eve of the Ukraine war, it disrupted internet communications at a vital moment for Kyiv’s defense. That digital assault, which officials and experts blamed on Moscow, had another effect, too. It showed just how vulnerable space systems remain, and what happens when attackers strike at the right time. But a new effort is attempting to improve cybersecurity awareness — and preparedness — in a sector that is only beginning to understand the threat it faces from malicious hackers.

Over 60,000 Exchange servers vulnerable to ProxyNotShell attacks

More than 60,000 Microsoft Exchange servers exposed online are yet to be patched against the CVE-2022-41082 remote code execution (RCE) vulnerability, one of the two security flaws targeted by ProxyNotShell exploits. According to a recent tweet from security researchers at the Shadowserver Foundation, a nonprofit organization dedicated to improving internet security, almost 70,000 Microsoft Exchange servers were found to be vulnerable to ProxyNotShell attacks according to version information (the servers’ x_owa_version header).

Rail giant Wabtec discloses data breach after Lockbit ransomware attack

U.S. rail and locomotive company Wabtec Corporation has disclosed a data breach that exposed personal and sensitive information. Wabtec is a U.S.-based public company producing state-of-the-art locomotives and rail systems. The company employs approximately 25,000 people and has a presence in 50 countries, being the world’s market leader in freight locomotives and a major player in the transit segment. The firm’s 2021 financial results give a revenue figure of $7.8 billion, reporting a staggering 20% of the world’s freight being moved by the 23,000 of Wabtec’s locomotives in global operation.

Inside a scammers’ lair: Ukraine busts 40 in fake bank call-centre raid

It looks like the sort of meeting room you might find in startups all over the world: diffuse lighting from windows down one wall, alongside a giant poster cityscape of New York’s Brooklyn Bridge, with the Manhattan skyline towering behind it. The difference in this case is that that the computer workstations around the room are there for a different sort of “entrepreneurial” venture, and the room is empty not because no one showed up for work, but because the “employees” were in the process of being arrested. This picture comes from the Ukraine Cyber Police, who raided a fraudulent call centre just before New Year, where they say the three founders of the scam, plus 37 “staff”, were busted for allegedly operating a large-scale banking fraud.

Related Posts