AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 03/24/2023

Operation Soft Cell: Chinese Hackers Breach Middle East Telecom Providers

Telecommunication providers in the Middle East are the subject of new cyber attacks that commenced in the first quarter of 2023. The intrusion set has been attributed to a Chinese cyber espionage actor associated with a long-running campaign dubbed Operation Soft Cell based on tooling overlaps. “The initial attack phase involves infiltrating Internet-facing Microsoft Exchange servers to deploy web shells used for command execution,” researchers from SentinelOne and QGroup said in a new technical report shared with The Hacker News. “Once a foothold is established, the attackers conduct a variety of reconnaissance, credential theft, lateral movement, and data exfiltration activities.”

B-List celebs including Lindsay Lohan fined after crypto shill probe

Eight very B-list celebrities have agreed to cough up fines after being accused of shilling a cryptocurrency without disclosing they were paid to do so, while the chap who apparently paid them has been charged with fraud. That chap is named Justin Sun. He’s the owner of Tron Foundation Limited, BitTorrent Foundation Ltd, and Rainberry Inc – which used to be called BitTorrent. According to the United States Securities and Exchange Commission (SEC), entities controlled by Sun sold crypto asset securities called Tronix (TRX) and BitTorrent (BTT) – but were not registered to do so. The SEC alleges it detected Sun “fraudulently manipulating the secondary market for TRX through extensive wash trading, which involves the simultaneous or near-simultaneous purchase and sale of a security to make it appear actively traded without an actual change in beneficial ownership.”

Windows 11, Tesla, Ubuntu, and macOS hacked at Pwn2Own 2023

On the first day of Pwn2Own Vancouver 2023, security researchers successfully demoed Tesla Model 3, Windows 11, and macOS zero-day exploits and exploit chains to win $375,000 and a Tesla Model 3. The first to fall was Adobe Reader in the enterprise applications category after Haboob SA’s Abdul Aziz Hariri (@abdhariri) used an exploit chain targeting a 6-bug logic chain abusing multiple failed patches which escaped the sandbox and bypassed a banned API list on macOS to earn $50,000.

US cyber officials make urgent push to warn businesses about vulnerabilities to hackers

US cybersecurity officials are unveiling a new program to warn critical American companies that their systems are vulnerable to ransomware attacks before the hackers can successfully strike. The new federal program – details of which were shared exclusively with CNN – is needed because “the pace and the impact of (ransomware) intrusions are still unacceptable,” said Eric Goldstein, a senior official at the US Cybersecurity and Infrastructure Security Agency. Ransomware attacks, like the 2021 incident that temporarily shut down one of America’s largest fuel pipelines, have disrupted key services important to American life and made the issue a national and economic security concern for the Biden administration.

Stop using your browser’s built-in password manager. Here’s why

I get this question a lot: Should I use a password manager? The answer is simple… yes. But no matter how often I give that advice, many ignore it and continue using their browser’s built-in password manager. I get that, as using the browser password manager is convenient and doesn’t require that you install yet another piece of software. Everyone is busy, and having to take an extra step just to log into one of your many accounts can cut into your productivity. No one wants that.

JP Morgan pilots biometric payments with US merchants

JP Morgan is set to pilot biometric payments with retailers in the US, enabling shoppers to make purchases by scanning their palms or faces. Global biometric payments are expected to reach $5.8 trillion and three billion users by 2026, according to Goode Intelligence. This week, fast food giant Panera Bread revealed that it is piloting palm reading technology from Amazon that lets customers pay and access the chain’s loyalty programme. Now, JP Morgan is looking to bring the technology to its huge merchant client base. The first pilots will be run with brick-and-mortar stores in the US, and could include the Formula 1 Crypto.com Miami Grand Prix in May. A wider rollout could follow next year.

Malicious ChatGPT Chrome browser extension hijacks Facebook accounts

Threat actors are taking advantage of ChatGPT’s popularity for their not-so-noble purposes, this time by creating a trojan version of a legitimate ChatGPT Chrome extension to steal Facebook accounts. According to security firm Guardio, adversaries created a malicious lookalike version of the actual ChatGPT for Google Chrome extension called “Chat GPT for Google” (note the erroneous gap between the word ChatGPT). Malicious code used in the fake Google Chrome browser extension stole Facebook session cookies from victims and then used the data to compromise Facebook accounts.

French parliament says oui to AI surveillance for 2024 Paris Olympics

Despite the opposition of 38 civil society groups, the French National Assembly has approved the use of algorithmic video surveillance during the 2024 Paris Olympics. Endorsed by French senators in January, the proposed law for the 2024 Olympic and Paralympic Games cleared a committee vote earlier this month. On Thursday, the French National Assembly adopted Article 7 of the pending bill, which authorizes automated analysis of surveillance video from fixed and drone cameras. Specifically, it allows such surveillance “On an experimental basis and until June 30, 2025, for the sole purpose of ensuring the security of sporting, recreational or cultural events which, by their scale or their circumstances, are particularly exposed to the risk of acts of terrorism or serious threats to the safety of persons, the images collected by means of video protection systems … and cameras installed on aircraft … in the places hosting these events and in their surroundings, as well as in vehicles and public transport rights-of-way.” It probably sounds more romantic in French.
