AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 05/25/2021

1 – Audio maker Bose discloses data breach after ransomware attack

Bose Corporation (Bose) has disclosed a data breach following a ransomware attack that hit the company’s systems in early March. In a breach notification letter filed with New Hampshire’s Office of the Attorney General, Bose said that it “experienced a sophisticated cyber-incident that resulted in the deployment of malware/ransomware across” its “environment.” “Bose first detected the malware/ransomware on Bose’s U.S. systems on March 7, 2021,” the company added. The audio maker hired external security experts to restore impacted systems after the attack and forensic experts to determine if any of its data was accessed or exfiltrated by the attackers. “We did not make any ransom payment,” Bose Media Relations Director Joanne Berthiaume told BleepingComputer. “We recovered and secured our systems quickly with the support of third-party cybersecurity experts.” “During our investigation, we identified a very small number of individuals whose data was impacted, and we sent notices to them directly in accordance with our legal requirements.”


2 – Cyberattacks: Bigger, Smarter, Faster

From paralysing the internet in Estonia to a $4.4-million ransom being paid last week after the shutdown of a major US pipeline, we take a look back at 15 years of cyberattacks.

– Cyberwars begin – The Baltic nation of Estonia was the first state hit by a massive cyberattack in 2007, paralysing key corporate and government web services for days. Estonia blamed Moscow, with which it was mired in a diplomatic conflict, but the Kremlin denied the charge.

– First industrial target – A powerful computer virus called Stuxnet attacked Iran’s nuclear facilities in 2010 in an apparent bid to cripple the country’s atomic program. Stuxnet hit the functioning of Iranian nuclear sites, infecting several thousand computers and blocking centrifuges used for the enrichment of uranium.


3 – Malware caught using a macOS zero-day to secretly take screenshots

Almost exactly a month ago, researchers revealed a notorious malware family was exploiting a never-before-seen vulnerability that let it bypass macOS security defenses and run unimpeded. Now, some of the same researchers say another malware can sneak onto macOS systems, thanks to another vulnerability.

Jamf says it found evidence that the XCSSET malware was exploiting a vulnerability that allowed it access to parts of macOS that require permission — such as accessing the microphone, webcam or recording the screen — without ever getting consent. XCSSET was first discovered by Trend Micro in 2020 targeting Apple developers, specifically their Xcode projects that they use to code and build apps. It’s not clear how many Macs the malware was able to infect using this technique. But Apple confirmed to TechCrunch that it fixed the bug in macOS 11.4, which was made available as an update today.


4 – Google now lets you password-protect the page that shows all your searches

Google has added a way to put a password on your Web and Activity page, which shows all your activity from across Google services, including your searches, YouTube watch history, and Google Assistant queries (via Android Police). Without the verification, anyone who picks up a device you’re logged into could see that activity. To activate the verification, you can go to activity.google.com, and click the Manage My Activity verification link. From there, you can select the Require Extra Verification option, save, and enter your password to confirm that you’re the one trying to make the change. If you don’t have the verification turned on, visiting activity.google.com will show a stream of your Google activity from across your devices, without asking for a password.


5 – Next Generation Computing Act proposed to speed U.S. supercomputer development

Rep. Jay Obernolte, R-Calif., has introduced legislation to bolster one of two high-priority, advanced scientific computing programs at the Department of Energy (DOE). The Next Generation Computing Research and Development Act would create the Beyond Exascale Computing Program for developing systems with capabilities that exceed those of the fastest supercomputers in the U.S., set to start arriving at the National Laboratories later this year. The proposed legislation was introduced last Thursday in the House of Representatives, and comes as U.S. lawmakers devote increasing attention to the country’s supercomputing arms race with China. The DOE is targeting the launch of a new exascale computing platform, which is known as Frontier, in October this year.


6 – At Epic v Apple’s closing, judge probes implications of upending Apple’s App Store

Federal Judge Yvonne Gonzalez Rogers held unconventional closing arguments Monday in the antitrust trial between Epic Games and Apple Inc (AAPL.O), peppering both sides’ attorneys for three hours about how far she could – and should – go to change Apple’s App Store business. App makers and regulators around the world are watching the trial and Gonzalez Rogers has hinted in sharp questions to Apple that she may be receptive to some of the “Fortnite” game creators’ allegations that Apple misuses its control over the App Store and hurts developers. Last week the federal judge said that Apple’s App Store profits from game makers looked “disproportionate”, but on Monday she questioned Epic on whether there was a way to address its concerns without forcing Apple to open the iPhone to rival app stores, as Epic has proposed.
