AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 03/21/2023

Hackers can hijack Samsung and Pixel phones by knowing phone number

Google Pixel and Samsung phone owners should be cautious, as Google’s bug-hunting team, Project Zero, has discovered as many as 18 security vulnerabilities impacting Exynos modems. Reportedly, these vulnerabilities, if combined, can allow an adversary to gain complete control over a smartphone without alerting the user. In addition, wearable devices using the Exynos W20 chipset, such as Galaxy Watch 4 and 5, and vehicles using the Exynos Auto T5123 chipset are also vulnerable.

BBC advises staff to delete TikTok from work phones

The BBC has advised staff to delete TikTok from corporate phones because of privacy and security fears. The BBC seems to be the first UK media organisation to issue the guidance – and only the second in the world after Denmark’s public service broadcaster. The BBC said it would continue to use the platform for editorial and marketing purposes for now. TikTok has consistently denied any wrongdoing. The app has been banned on government phones in the UK and elsewhere.

Ferrari discloses data breach after receiving ransom demand

Ferrari has disclosed a data breach following a ransom demand received after attackers gained access to some of the company’s IT systems. “We regret to inform you of a cyber incident at Ferrari, where a threat actor was able to access a limited number of systems in our IT environment,” Ferrari says in breach notification letters sent to customers. The Italian luxury sports car maker says customer information exposed in the incident includes names, addresses, email addresses, and telephone numbers. 

General Bytes Bitcoin ATMs Hacked to Steal Funds

A leading provider of Bitcoin ATMs is urging clients to upgrade their systems immediately after revealing hackers exploited a zero-day vulnerability in its software last weekend to steal funds. General Bytes explained in an advisory that the bug itself was found in the master service interface used by Bitcoin ATMs to upload videos to the server. “The attacker scanned the Digital Ocean cloud hosting IP address space and identified running CAS [Crypto Application Server] services on ports 7741, including the General Bytes Cloud service and other GB ATM operators running their servers on Digital Ocean (our recommended cloud hosting provider),” it continued.

Clop ransomware claims Saks Fifth Avenue, retailer says mock data stolen

The Clop ransomware gang claims on its dark web leak site to have attacked Saks Fifth Avenue. The cyber security incident is among Clop’s ongoing attacks against vulnerable GoAnywhere MFT servers belonging to established enterprises. Although the company states no real customer data is impacted, it did not address whether corporate or employee data was stolen. Founded in 1867 by Andrew Saks and headquartered in New York City, Saks Fifth Avenue remains among the prominent luxury brand retailers serving the U.S., Canada and parts of the Middle East.
