AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 05/25/2022

Chicago students lose data to ransomware attackers

Chicago Public Schools (CPS) disclosed on Friday that students may have had their data taken in a ransomware incident involving one of its vendors. The ransomware attack happened last December at Battelle for Kids (BfK), based in Columbus Ohio, which develops services to provide innovation in schools for students and teachers. Around 490,000 students and 56,000 employees found their data breached by those responsible for the ransomware. The data accessed by criminals, stretching from 2015 to 2019, included a variety of information. The notification breach says that home addresses, health/financial information, and social security numbers were not exposed. Chicago Public Schools is offering free credit monitoring for those affected.


New Unpatched Bug Could Let Attackers Steal Money from PayPal Users

A security researcher claims to have discovered an unpatched vulnerability in PayPal’s money transfer service that could allow attackers to trick victims into unknowingly completing attacker-directed transactions with a single click. Clickjacking, also called UI redressing, refers to a technique wherein an unwitting user is tricked into clicking seemingly innocuous webpage elements like buttons with the goal of downloading malware, redirecting to malicious websites, or disclose sensitive information. This is typically achieved by displaying an invisible page or HTML element on top of the visible page, resulting in a scenario where users are fooled into thinking that they are clicking the legitimate page when they are in fact clicking the rogue element overlaid atop it.


Anonymous Declares Cyber-War on Pro-Russian Hacker Gang Killnet

Hacktivist group Anonymous has announced on social media that it’s launching a cyber-war against the pro-Russian group Killnet, which recently attacked European institutions. The news comes after anonymous hackers recently declared “cyber war” against Vladimir Putin’s government following the Russian invasion of Ukraine, including leaking over 360,000 Russian federal agency files in the process. On Twitter, the @YourAnonOne account announced that: “The #Anonymous collective is officially in cyber war against the pro-Russian hacker group #Killnet.” Last week, Killnet attacked the websites of various Italian institutions and government ministries, including the superior council of the judiciary, its customs agency and its foreign affairs, education and cultural heritage ministries.


Google Chrome 102: Critical New Security Warning For Billions Of Users

The good news for the estimated 3.2 billion users of Google’s Chrome web browser is that, as far as we know, there are no new zero-day attacks ongoing against them. However, according to the latest confirmation from Google, a total of 32 new security vulnerabilities have been discovered that impact the Chromium-based browser. Of these, one has a critical impact status, eight are rated high and a further nine are medium. This is one big, and very important, security update for all Chrome users across Windows, Mac, and Linux platforms. There is also an update rolling out for the Android Chrome app, but this appears not to be security-related as Google has only pointed to “stability and performance” issues in the release announcement.


Apple Slams Facebook And Google With Bold New Privacy Ad

Apple has slammed the privacy-invading habits of firms such as Facebook and Google with a bold new advert. One of Apple’s headline iPhone features is App Tracking Transparency, the anti-tracking tool that has hit Facebook’s revenues hard, costing the social network an estimated $12 billion. The latest Apple privacy advert focuses on all the iPhone maker’s privacy features. The advert is set at an auction: “The next sale is a digital treasure trove—charming Ellie’s private data,” the auctioneer announces as “Ellie” enters the room. Slot number one is her emails, and number two is her drug store purchases.


New Zoom Flaws Could Let Attackers Hack Victims Just by Sending them a Message

Popular video conferencing service Zoom has resolved as many as four security vulnerabilities, which could be exploited to compromise another user over chat by sending specially crafted Extensible Messaging and Presence Protocol (XMPP) messages and execute malicious code. Tracked from CVE-2022-22784 through CVE-2022-22787, the issues range between 5.9 and 8.1 in severity. Ivan Fratric of Google Project Zero has been credited with discovering and reporting all the four flaws in February 2022. With Zoom’s chat functionality built on top of the XMPP standard, successful exploitation of the issues could enable an attacker to force a vulnerable client to masquerade a Zoom user, connect to a malicious server, and even download a rogue update, resulting in arbitrary code execution stemming from a downgrade attack.

Related Posts