AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 01/31/2023

JD Sports says 10 million customers hit by cyber attack 

Sportswear chain JD Sports has said stored data relating to 10 million customers might be at risk after it was hit by a cyber attack. The company said information that “may have been accessed” by hackers included names, addresses, email accounts, phone numbers, order details and the final four digits of bank cards. The data related to online orders between November 2018 and October 2020. JD Sports said it was contacting affected customers. The group said the affected data was “limited”. It added it did not hold full payment card details and did not believe that account passwords were accessed by the hackers. 


TikTok CEO to testify before U.S. Congress over security concerns 

TikTok Chief Executive Shou Zi Chew will appear before the U.S. Energy and Commerce Committee in March, as lawmakers scrutinize the Chinese-owned video-sharing app. Chew will testify before the committee on March 23, which will be his first appearance before a congressional committee, said Representative Cathy McMorris Rodgers, the Republican chair of the panel, in a statement on Monday. The news comes as the House Foreign Affairs Committee plans to hold a vote next month on a bill aimed at blocking the use of TikTok in the United States over national security concerns. 


Russian Millionaire on Trial in Hack, Insider Trade Scheme 

A wealthy Russian businessman and associates made tens of millions of dollars by cheating the stock market in an elaborate scheme that involved hacking into U.S. computer networks to steal insider information about companies such as Microsoft and Tesla, a prosecutor told jurors on Monday. Vladislav Klyushin, the owner of a Moscow-based information technology company with ties to the upper levels of the Russian government, is standing trial in a Boston federal court nearly two years after he was arrested after landing in Switzerland on a private jet for a skiing trip. He’s the only Russian national charged in the nearly $90 million scheme who has been arrested and extradited to the U.S.; four accused co-conspirators — including a Russian military intelligence officer who’s also been charged with meddling in the 2016 presidential election — remain at large.


New UN cybercrime convention has a long way to go in a tight timeframe 

Cybercrime is a growing scourge that transcends borders, spreading across the boundaries of virtually all the world’s nearly 200 nation-states. From ransomware attacks to rampant cryptocurrency theft, criminal exploitation of borderless digital systems threatens global economic security and the political welfare of all countries. Now, the United Nations has a major initiative to develop a new and more inclusive approach to addressing cybercrime that would replace a two-decades-old international cybercrime convention. This revised global approach could spark new laws worldwide to battle cybercrime more effectively. However, concerns over the scope of the emerging international convention and its possible threats to free speech, privacy, and cybersecurity research, among other issues, have emerged following the recent release of early drafts of the new convention. 


GitHub Breach: Hackers Stole Code-Signing Certificates for GitHub Desktop and Atom 

GitHub on Monday disclosed that unknown threat actors managed to exfiltrate encrypted code signing certificates pertaining to some versions of the GitHub Desktop for Mac and Atom apps. As a result, the company is taking the step of revoking the exposed certificates out of an abundance of caution. The following versions of GitHub Desktop for Mac have been invalidated: 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.1.0, 3.1.1, and 3.1.2. Versions 1.63.0 and 1.63.1 of Atom are also expected to stop working as of February 2, 2023, requiring that users downgrade to a previous version (1.60.0) of the source code editor. Atom was officially discontinued in December 2022. GitHub Desktop for Windows is not affected.


Cybercrime job ads on the dark web pay up to $20k per month 

Cybercrime groups are increasingly running their operations as a business, promoting jobs on the dark web that offer developers and hackers competitive monthly salaries, paid time off, and paid sick leave. According to a new report by Kaspersky, which analyzed 200,000 job ads posted on 155 dark websites between March 2020 and June 2022, hacking groups and APT groups seek to hire mainly software developers (61% of all ads), offering very competitive packages to entice them. The highest-paying job seen by Kaspersky’s analysts included a monthly salary of $20,000, while ads for capable attack specialists topped out at $15,000 per month.

