AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 06/22/2023

Oreo maker Mondelez staff hit by data breach at third-party law firm 

Snack giant Mondelez is warning past and present employees that their personal information may now be in the hands of hackers following a data breach at a third-party firm. Over 50,000 members of staff are receiving data breach notifications from the Oreo maker, after a data breach at Bryan Cave Leighton Paisner LLP, a law firm hired by Mondelez to provide legal advice. Bryan Cave says that it detected hackers had compromised its network between February 23 and March 1, 2023, and that personal information had been exposed.

 

The Great Exodus to Telegram: A Tour of the New Cybercrime Underground 

The world of cybercrime is moving quickly. Threat actors, ransomware gangs, malware developers, and others are increasingly and rapidly moving off of the “traditional” dark web (Tor sites) and onto illicit Telegram channels specializing in cybercrime. This Flare article will examine the reasons why threat actors are shifting from Tor and provide detailed guidance for best practices in monitoring Telegram channels. Today we see a majority of cybercrime activity occurring off of the traditional dark web and on modern social media applications. 

 

CID Lookout: Unsolicited Smartwatches Received by Mail 

Service members across the military have reported receiving smartwatches unsolicited in the mail. These smartwatches, when used, have auto-connected to Wi-Fi and begun connecting to cell phones unprompted, gaining access to a myriad of user data. These smartwatches may also contain malware that would grant the sender access to saved data to include banking information, contacts, and account information such as usernames and passwords.

 

iOttie discloses data breach after site hacked to steal credit cards 

Car mount and mobile accessory maker iOttie warns that its site was compromised for almost two months to steal online shoppers’ credit cards and personal information. iOttie is a popular manufacturer of mobile device car mounts, chargers, and accessories. In a new data breach notification issued yesterday, iOttie says it discovered on June 13th that its online store was compromised with malicious scripts between April 12th, 2023, and June 2nd.

 

Apple patches two actively exploited security flaws with iOS 16.5.1 and more 

Coming with the release of iOS 16.5.1, macOS 13.4.1, and more today, Apple has shipped two important fixes for security flaws. The updates arrive for devices on the latest public software and those on older versions of its software. Notably, Apple has heard the flaws have been actively exploited. The main user-facing feature coming with iOS 16.5.1 is a fix for a bug with the Lightning to USB Camera Adapter. However, for almost all of Apple’s devices including iPhone 6s and later, modern iPads and Macs, and even Apple Watches, there are two important security patches that come with the latest updates.

 

Why Malware Crypting Services Deserve More Scrutiny 

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. In fact, the process of “crypting” malware is sufficiently complex and time-consuming that most serious cybercrooks will outsource this critical function to a handful of trusted third parties. This story explores the history and identity behind Cryptor[.]biz, a long-running crypting service that is trusted by some of the biggest names in cybercrime. Virtually all malware that is deployed for use in data stealing at some point needs to be crypted. This highly technical, laborious process involves iteratively altering the appearance and behavior of a malicious file until it no longer sets off alarm bells when scanned by different antivirus tools. 
