AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 07/11/2023

New Mozilla Feature Blocks Risky Add-Ons on Specific Websites to Safeguard User Security

Mozilla has announced that some add-ons may be blocked from running on certain sites as part of a new feature called Quarantined Domains. “We have introduced a new back-end feature to only allow some extensions monitored by Mozilla to run on specific websites for various reasons, including security concerns,” the company said in its Release Notes for Firefox 115.0 released last week. The company said the openness afforded by the add-on ecosystem could be exploited by malicious actors to their advantage. “This feature allows us to prevent attacks by malicious actors targeting specific domains when we have reason to believe there may be malicious add-ons we have not yet discovered,” Mozilla said in a separate support document.


Banking Firms Under Attack by Sophisticated ‘Toitoin’ Campaign

A sophisticated and evasive malware campaign is targeting businesses in Latin America with a multi-stage attack that starts with phishing and ends with the deployment of a novel Trojan dubbed Toitoin that steals critical system information and data from financial institutions. Researchers from ZScaler discovered the elaborate campaign, which features a multi-stage infection chain that uses custom-built modules throughout each stage, to inject harmful code into remote processes and circumvent user account control (UAC), among other activities.


NIST Launches Generative AI Working Group

Even as security companies continue releasing products and features that leverage advanced artificial intelligence (AI), researchers continue to warn about the security holes and dangers such technology creates. To help formulate guidance on how to implement generative AI in particular more safely, the National Institute of Standards and Technology (NIST) announced the formation of a new working group. Following January’s release of the AI Risk Management Framework (AI RMF 1.0) and the March debut of the Trustworthy and Responsible AI Resource Center, NIST launched the Public Working Group on Generative AI on June 22 to address how to apply the framework to new systems and applications.


Razer Data Breach: Alleged Database and Backend Access Sold for $100k

A threat actor going by the online handle of ‘Nationalist’ has claimed to possess stolen data from Razer Inc., a prominent American-Singaporean technology company. The news broke on Saturday when ‘Nationalist’ posted about the purported data breach on newly surfaced Breach Forums. According to the seller, the stolen information encompasses a wide range of sensitive data, including source code, encryption keys, database access logins, and backend access credentials. To substantiate these claims, the seller provided screenshots displaying a detailed file tree and folders allegedly originating from Razer.com.


Privacy activists slam EU-US pact on data sharing

The European Commission has announced a pact with the US to allow easier legal transfer of personal data across the Atlantic. Data privacy activists vowed to challenge the agreement in court. President Joe Biden and EU officials welcomed the deal, which overcame objections about US intelligence agencies’ access to European data. The deal ensures Meta, Google and other tech giants can continue sharing information with the US.


Kubernetes on AWS targeted by hackers abusing legitimate pentesting tools

Cyber criminals have been found abusing legitimate open-source penetration testing tools to launch attacks on AWS-hosted Kubernetes environments. The campaign, dubbed SCARLETEEL, started in February 2023 and is known for targeting cloud environments. The latest discoveries revealed new tools and techniques to bypass security measures and execute novel intrusions. A typical SCARLETEEL attack sees attackers exploiting misconfigured AWS policies to escalate their privileges and gain account control.  

Related Posts