AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 05/30/2023

Emby shuts down user media servers hacked in recent attack 

Emby says it remotely shut down an undisclosed number of user-hosted media server instances that were recently hacked by exploiting a previously known vulnerability and an insecure admin account configuration. “We have detected a malicious plugin on your system which has probably been installed without your knowledge. [..] For your safety we have shutdown your Emby Server as a precautionary measure,” the company informed users of affected servers in new entries added to the log files. 


Despite Tech Layoffs, Cybersecurity Positions are Hiring 

It’s easy to read today’s headlines and think that now isn’t the best time to look for a job in the tech industry. However, that’s not necessarily true. When you read deeper into the stories and numbers, cybersecurity positions are still very much in demand. Cybersecurity professionals are landing jobs every day, and IT professionals from other roles may be able to transfer their skills into cybersecurity relatively easily. As cybersecurity continues to remain a top business priority, organizations will likely keep hiring for cybersecurity roles. Companies are increasingly recognizing that without experienced team members, they are increasing their risk of a cybersecurity attack or breach. 


Here’s how long it takes new BrutePrint attack to unlock 10 different smartphones 

Researchers have devised a low-cost smartphone attack that cracks the authentication fingerprint used to unlock the screen and perform other sensitive actions on a range of Android devices in as little as 45 minutes. Dubbed BrutePrint by its creators, the attack requires an adversary to have physical control of a device when it is lost, stolen, temporarily surrendered, or unattended, for instance, while the owner is asleep. The objective: to gain the ability to perform a brute-force attack that tries huge numbers of fingerprint guesses until one is found that will unlock the device. The attack exploits vulnerabilities and weaknesses in the device SFA (smartphone fingerprint authentication). 


A lawyer used ChatGPT and now has to answer for its ‘bogus’ citations 

Lawyers suing the Colombian airline Avianca submitted a brief full of previous cases that were just made up by ChatGPT, The New York Times reported today. After opposing counsel pointed out the nonexistent cases, US District Judge Kevin Castel confirmed, “Six of the submitted cases appear to be bogus judicial decisions with bogus quotes and bogus internal citations,” and set up a hearing as he considers sanctions for the plaintiff’s lawyers. Lawyer Steven A. Schwartz admitted in an affidavit that he had used OpenAI’s chatbot for his research. To verify the cases, he did the only reasonable thing: he asked the chatbot if it was lying. 


State lawmakers find bipartisan support for stronger privacy protections 

State efforts to pass privacy legislation are heating up in the absence of federal progress on the issue. On May 19, Montana Governor Greg Gianforte signed the state’s own privacy law — SB 384 — which advocates say is one of the strongest privacy bills passed in a red state. Montana State Senator Daniel Zolnikov, who introduced the legislation, told Recorded Future News that he has been working to get a data privacy bill passed in the state since 2013 and was most proud of the fact that Montana is the first Republican-controlled legislature to pass a data privacy bill with a universal opt-out provision – what he called the “button that allows you to not be tracked online.” Several states have had difficulty getting such provisions into their data privacy bills because of fierce pushback from companies that have successfully fought for a specific verification – effectively an additional step many businesses hope consumers won’t take – to avoid the opt-out. 


Elon Musk takes Twitter out of the EU’s Disinformation Code of Practice 

Twitter has withdrawn from the European Union’s Code of Practice on online disinformation, per the bloc’s internal market commissioner, Thierry Breton. In a tweet last night — which confirmed earlier reports of Twitter’s impending exit from the EU Code — Breton issued the social media platform a blunt warning, telling Twitter it cannot hide from incoming legal liability in this area. “Twitter leaves EU voluntary Code of Practice against disinformation. But obligations remain. You can run but you can’t hide,” Breton wrote — a reference to obligations the platform is legally required to comply with as a so-called very large online platform (VLOP) under the EU’s Digital Services Act (DSA). 


Data Breach at MCNA Dental Insurer Impacts 9 Million Users 

MCNA Insurance Company, a prominent US-based dental benefits manager serving millions of individuals, recently fell victim to a significant data breach. The breach, which persisted for nearly two weeks from late February 2023 to early March 2023, exposed highly sensitive personal information, including Social Security numbers, driver’s license details, and government IDs belonging to millions of clients. This breach has also raised grave concerns regarding potential identity theft, fraudulent activities, and unauthorized access to financial accounts. It is worth noting that just a few days ago, Apria, another US-based healthcare service, disclosed a major data breach that impacted over 1.8 million users. 


New ‘Bandit Stealer’ malware siphons data from browsers, crypto wallets 

Cybersecurity researchers identified a new information-stealing malware that targets browsers and cryptocurrency wallets. Although the malware, called Bandit Stealer, has only targeted Windows systems so far, it has the potential to expand to other platforms such as Linux. What makes Bandit Stealer particularly dangerous is that it’s difficult for victims to detect, researchers at Trend Micro wrote in a report published Friday. For example, Bandit Stealer can bypass Windows Defender, a security tool developed by Microsoft to protect users from various types of threats, including viruses, malware and spyware. 
