AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 03/08/2023

New HiatusRAT Router Malware Covertly Spies On Victims

Just nine months after discovering ZuoRAT – a novel malware targeting small office/home office (SOHO) routers – Lumen Black Lotus Labs® identified another, never-before-seen campaign involving compromised routers. This is a complex campaign we are calling “Hiatus”. It infects business-grade routers and deploys two malicious binaries, including a Remote Access Trojan (RAT) we’re calling HiatusRAT, and a variant of tcpdump that enables packet capture on the target device.

 

Government Claims New UK GDPR Will Save Firms Billions

The UK government has reintroduced new GDPR legislation which it claims will save businesses and charities as much as £4.7bn ($5.6bn) over the coming decade while bolstering data protection and privacy. Keen to prove the benefits of leaving the EU, the Conservative government said the Data Protection and Digital Information (DPDI) Bill would reduce compliance “paperwork” without impacting data adequacy with the EU or global confidence in the UK. Recognizing the need to protect and grow a digital economy worth an estimated £259bn ($307bn) for the UK in 2021, the government claimed the new legislation would provide business with greater flexibility about how they comply with data laws, while reducing the overall compliance burden.

 

Acer confirms breach after 160GB of data for sale on hacking forum

Taiwanese computer giant Acer confirmed that it suffered a data breach after threat actors hacked a server hosting private documents used by repair technicians. However, the company says the results of its investigation so far do not indicate that this security incident has impacted customer data. The confirmation of a data breach comes after a threat actor began selling on a popular hacking forum what they claim is 160GB of data stolen from Acer in mid-February 2023.

 

Australia demands Russia crack down on cyber criminals

One of Australia’s top government bureaucrats on Wednesday demanded Russia crack down on the large number of cyber criminals operating in the country, saying their actions posed a threat to national security. The comments come as Canberra reforms its cybersecurity policy following a raft of cyber attacks on some of the country’s largest companies. “The greatest density of cyber criminals, particularly those with ransomware, are in Russia,” Michael Pezzullo, Secretary of the Department of Home Affairs, told the AFR Business Summit in Sydney.

 

The FTC’s Twitter privacy investigations have ramped up since Elon Musk’s takeover

The Federal Trade Commission (FTC) had its eye on Twitter since well before Elon Musk bought the outfit, but now we have a better idea about what questions it’s been asking lately. Not only have the investigations continued, but the FTC has been looking into the company’s abilities to keep user data secure, the development of the Twitter Blue subscription plan, and pulling together information on the actions of the company’s new owner.

 

Microsoft Found Shein App Copying Clipboard Content on Android Phones

Shein, the Chinese online fashion retailer, has come under scrutiny once again, after an old version of its mobile app was found to be accessing the contents of Android device clipboards. The was discovered by Microsoft, whose Threat Intelligence Team collaborated with Google’s Android Security Team to ensure that the behaviour was removed from the app. The app was found to send the contents of the clipboard to a remote server if a particular pattern was present, though it is not clear whether there was any malicious intent behind the behaviour. As a result of the disclosure, Google reportedly recognized the risks associated with clipboard access and made improvements to the Android OS.

Related Posts