AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 04/28/2023

Continuous Scanning Is Imperative for Effective Web Application Security

Software moves fast. With so many Web applications and APIs being built and modified in increasingly complex IT environments, securing your attack surface — which can change hourly or multiple times a day — is a challenge. Traditional approaches to security, like one-off tests or periodic scans, are no longer enough to get the job done and done well. Attackers are zeroing in on these apps more frequently than ever; according to Verizon, 70% of security incidents in 2021 were connected to hacks targeting Web applications.


Microsoft is done with major Windows 10 updates

Windows 10 22H2 will be the final version of the operating system, Microsoft said in a blog post on Thursday. Moving forward, all editions of Windows 10 will be supported with monthly security updates until October 14th, 2025, when Microsoft will end support. (Some releases on the Long-Term Servicing Channel, or LTSC, will get updates past that end of support date.) Microsoft is encouraging users to now transition to Windows 11 because Windows 10 won’t be getting any new features.


Google sues CryptBot slingers, gets court order to shut down malware domains

Google said it obtained a court order to shut down domains used to distribute CryptBot after suing the distributors of the info-stealing malware. According to the Chocolate Factory’s estimates, the software nasty infected about 670,000 Windows computers in the past year, and specifically targeted Chrome users to pilfer login details, browser cookies, cryptocurrencies, and other sensitive materials from their PCs. A New York federal judge this week unsealed a lawsuit [PDF] that Google filed against the malware’s slingers; the US giant accused the distributors of committing computer fraud and abuse, and trademark infringement by using Google’s marks in their scam. The court granted Google a temporary restraining order, which allowed it to shut down the bot operators’ internet infrastructure.


Man Gets Four Years for Stealing Bitcoins Seized by Feds

An Ohio man has been sentenced to four years and three months behind bars after stealing 712 bitcoin ($21m), which were seized by investigators following the arrest of his brother. Gary James Harmon, 31, of Cleveland, stole the cryptocurrency, which was the subject of “pending criminal forfeiture proceedings” in the case of his sibling, Larry Dean Harmon, according to the Department of Justice (DoJ). Larry Harmon was arrested in February 2020 for operating a dark web cryptocurrency mixer known as Helix. It was used to launder over 350,000 bitcoin, valued at the time of the transactions at over $300m, but which are now worth $10.3bn. The funds came from customers operating on dark web markets, according to the DoJ.


“Ashamed” LockBit ransomware gang apologises to hacked school, offers free decryption tool

Is it possible ransomware gangs actually do have a heart? Last month, a school district in Illinois was reported to be working closely with a cybersecurity insurance firm to determine the extent of damage it had sustained from a ransomware attack. Olympia Community Unit School District 16 – the largest school district in Illinois, covering some 377 square miles – realised on Sunday February 26, 2023, that it had suffered a ransomware attack, after being targeted by an affiliate of the notorious LockBit ransomware group.


FBI Director: US Cyber Agents, Intel Analysts Outnumbered By Chinese Hackers

FBI director Christopher Wray has said that the agency’s cybersecurity agents are outnumbered by Chinese hackers, raising concerns about the extent of the country’s hacking program. “To give you a sense of what we’re up against, if each one of the FBI’s cyber agents and intel analysts focused exclusively on the China threat – on nothing but China – Chinese hackers would still outnumber FBI cyber personnel by at least 50 to 1,” Wray said during a House Appropriations Committee hearing Thursday, Semafor reported. Wray warned that China’s cybersecurity threat was “unparalleled,” adding that a “key part of the Chinese government’s multi-pronged strategy [is] to lie, to cheat and to steal their way to surpassing us as the global superpower in cyber.”
