AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 08/30/2023

More UK cops’ names and photos exposed in supplier breach 

London’s Metropolitan Police has said a third-party data breach exposed staff and officers’ names, ranks, photos, vetting levels, and salary information. In a statement posted on the cops’ website, the force said miscreants broke into a supplier’s IT system, and used that unauthorized access to steal personnel information. The supplier did not, however, store police addresses, phone numbers or financial account details so it appears that data remains secure. “Security measures have been taken by the MPS as a result of this report,” the statement said, adding that the UK National Crime Agency and Information Commissioner’s Office have both been made aware of the breach. 


Meta took down thousands of fake accounts linked to massive Chinese propaganda campaign 

Meta has shared details about a massive network of fake accounts that attempted to spread pro-China propaganda on its platform. The company said the takedowns were linked to “individuals associated with Chinese law enforcement” who operated similar fake accounts on dozens of other platforms. While the company regularly shares updates on its takedowns of fake accounts engaged in widespread manipulation, Meta’s security researchers said the latest effort was particularly notable for the size and scope of the operation. In all, Meta took down 7,704 Facebook accounts, 954 Pages, 15 Groups and 15 Instagram accounts, making it one of the largest networks of fake accounts the company has ever uncovered.


The NFL, NBA, and UFC want to rewrite the laws for fast DMCA takedowns 

The NFL, NBA, and UFC are looking to inject some urgency into the Digital Millennium Copyright Act (DMCA) to have the law shut down illegal livestreams sooner. The sports organizations believe that the law needs to define more specifically how quickly a DMCA takedown notice should take effect, according to a letter they sent to the US Patent and Trademark Office (USPTO) seen by TorrentFreak. DMCA was signed during the Clinton administration in 1998 and specified that takedown notices be processed “expeditiously,” as written in Section 512 of the act. In the letter sent to the USPTO, dated August 23rd, the NFL, NBA, and UFC urge the government to change the “expeditiously” verbiage to “instantaneously or near-instantaneously.” 


iFixit wants Congress to let it hack McDonald’s ice cream machine 

McDonald’s ice cream machines are so notorious for breaking that it’s become a meme. But now we may have some glimmer of Shamrock Shake-flavored hope: not only has iFixit performed a teardown of McDonald’s machines, but it’s also petitioning the government to let it create the parts required for people to fix them. As shown in a video posted to YouTube, iFixit purchased the same ice cream machine model used by McDonald’s and spent hours trying to get it up and running. The machine spit out numerous error codes that iFixit says “are nonsensical, counterintuitive, and seemingly random, even if you spent hours reading the manual.” 


Rackspace Faces Massive Cleanup Costs After Ransomware Attack 

After being hit with a ransomware attack at the end of 2022, Rackspace is now faced with fronting the cost of the cleanup, as well as legal fees, which at present have amounted to $10.8 million. The attack, which occurred in December 2022, disrupted email service for thousands of the customers of the managed cloud hosting services company, which are mostly small-to-midsize businesses. The ransomware attack came in the form of a zero-day exploit against a server-side request forgery vulnerability within the Microsoft Exchange server at the hands of Play ransomware group. The vulnerability — known as CVE-2022-41080 — was patched by Microsoft a month before the attack.


Chinese hackers accused of using Barracuda bug against federal, local US agencies 

Chinese hackers used a recently patched vulnerability in security products from Barracuda Networks to conduct attacks against dozens of government organizations across the U.S. and Asia, according to a new report. Researchers from cybersecurity firm Mandiant said on Tuesday that one primary group, which they call UNC4841, is behind a significant amount of the exploitation of a vulnerability — tagged as CVE-2023-2868 — in Barracuda’s Email Security Gateway (ESG) appliance. The attackers spent more than eight months abusing that bug in attacks on a wide range of victims, Mandiant said. 


University of Michigan shuts down network after cyberattack 

The University of Michigan has taken all of its systems and services offline to deal with a cybersecurity incident, causing a widespread impact on online services the night before classes started. University of Michigan (U-M) is one of the oldest and largest educational institutes in the United States, employing over 30,000 academic and administrative staff and having roughly 51,000 students. According to a series of announcements published on the University’s website, starting on Sunday, a cybersecurity incident caused IT outages and disrupted access to vital online services, including Google, Canvas, Wolverine Access, and email.
