AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 04/24/2023

Microsoft has a new way of naming security threats

Microsoft is banking on our human obsession with the weather to help make identifying security threats easier with a shakeup to its taxonomy. As of April 2023, Microsoft will now be using weather events to help identify threats across five key groups, including financially motivated, private sector offensive actors (PSOAs), influence operations, groups in development, and finally nation states. The company hopes that simplifying its naming structure will make it easier for customers and professionals to quickly identify a security threat and what it might entail without having to delve deep into the literature.


European air traffic control confirms website ‘under attack’ by pro-Russia hackers

Europe’s air-traffic agency appears to be the latest target in pro-Russian miscreants’ attempts to disrupt air travel. Eurocontrol confirmed on Friday its website has been “under attack” since April 19, and said “pro-Russian hackers” had claimed responsibility for the disruption. “The attack is causing interruptions to the website and web availability,” a spokesperson told The Register. “There has been no impact on European aviation.” Eurocontrol coordinates commercial traffic between 41 states, including the EU and their national air-traffic control entities. The outage reportedly jammed the agency’s communication systems and forced some smaller airlines to use older technology to manage flight schedules, including a fax-era backup system.


American Bar Association data breach hits 1.4 million members

The American Bar Association (ABA) has suffered a data breach after hackers compromised its network and gained access to older credentials for 1,466,000 members. The ABA is the largest association of lawyers and legal professionals globally, with 166,000 members as of 2022. The organization provides continuing education and services for lawyers and judges, as well as initiatives to improve the legal system in the USA. Thursday night, the ABA began notifying members that a hacker was detected on its network on March 17th, 2023, and may have gained access to members’ login credentials for a legacy member system decommissioned in 2018.


Biofire’s new Smart Gun uses biometrics as a safety mechanism

A firearms startup released its take on biometric-based weapon safety, the Biofire Smart Gun. The weapon uses pre-programmed biometric data to recognize users, ensuring only those identified by the owner can operate it. The product prevents tragic scenarios and accidental discharges involving children, criminals, or other unintended users.


Lloyd’s of London to exclude state-backed cyberattacks from cyber insurance

In a move that has raised concerns among financial institutions, Lloyd’s of London is set to exempt big “state-backed” cyberattacks (attacks that are carried out on behalf of governments) from standard insurance policies, according to the Financial Times and Wall Street Journal. Bank of America, one of the world’s largest banks, is one of the institutions that has expressed concern about the new rule. The bank believes that the change will leave it and other businesses vulnerable to potentially catastrophic cyberattacks.


“Chromebooks aren’t built to last”: Average device has 4 years of updates left

Google is in the US Public Interest Research Group (PIRG) hot seat. This week, the nonprofit published its “Chromebook Churn” [PDF] report, pointing a finger at Google for enabling Chromebooks that “aren’t designed to last.” It highlighted Chromebook quirks, like seemingly pointless hardware tweaks across models that challenge parts-sourcing and automatic update expiration (AUE) dates, as examples of the repair-averse Chromebook culture Google has enabled. For target Chromebook markets, like schools, that opt for Chromebooks to save money, long-term costs may outweigh the immediate savings, PIRG’s analysis concluded.


GitHub now allows enabling private vulnerability reporting at scale

GitHub announced that private vulnerability reporting is now generally available and can be enabled at scale, on all repositories belonging to an organization. Once toggled on, security researchers can use this dedicated communications channel to privately disclose security issues to an open-source project’s maintainers without accidentally leaking vulnerability details. This is “a private collaboration channel that makes it easier for researchers and maintainers to report and fix vulnerabilities on public repositories,” GitHub’s Eric Tooley and Kate Catlin said.


Hacker Group Names Are Now Absurdly Out of Control

Hackers—particularly state-sponsored ones focused on espionage and cyberwar, and organized cybercriminals exploiting networks worldwide for profit—are not pets. They wreck businesses, sow chaos, disrupt critical infrastructure, support some of the world’s most harmful militaries and dictatorships, and help those governments spy on and oppress innocent people worldwide. So why, when I write about these organized hacker groups as a cybersecurity reporter, do I find myself referring to them with cute pet names like Fancy Bear, Refined Kitten, and Sea Turtle?


Biden administration wants to avoid 5G mistakes in race to beat China on 6G

The United States is aiming to shape the development of 6G telecom technology at an early stage of research and development and to avoid letting China build up an early lead in next-generation telecommunications, a senior Biden administration official told reporters ahead of a Friday summit on 6G. “We want to take the list of lessons we’ve learned from 5G, about the importance of early involvement and resilience, and to drive an approach to 6G that optimizes performance, accessibility, and security,” Anne Neuberger, the deputy national security advisor for cyber and emerging technology, said on a call with reporters Thursday.

