AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 09/08/2023

Coffee Meets Bagel says recent outage caused by destructive cyberattack 

The Coffee Meets Bagel dating platform confirms last week’s outage was caused by hackers breaching the company’s systems and deleting company data. The dating platform says they are geared towards users looking for a serious relationship rather than casual dating. Last week, Coffee Meets Bagel (CMB) suffered a worldwide outage, with users upset that they could not coordinate planned dates or continue communicating with their matches. 


DGA Behavior Shifts Raise Cybersecurity Concerns 

Researchers at Akamai have unearthed a concerning shift in the behavior of dynamically seeded Domain Generation Algorithm (DGA) families within Domain Name System (DNS) traffic data. This discovery reveals how malicious actors are adapting their tactics to prolong the life of their command-and-control (C2) communication channels, safeguarding their botnets. 


NFL Security Chief: Generative AI Threats a Concern as New Season Kicks Off 

Generative AI-enabled phishing attacks and deepfake videos are among the many threats that Tomás Maldonado will be keeping a wary eye on as the Kansas City Chiefs and the Detroit Lions kick off the 2023 National Football League season today. As the NFL’s chief information security officer, Maldonado is responsible for securing the league’s data, systems, and networks against a wide and growing range of threats. This includes guarding potential new attack surfaces caused by the growing digitization of many parts of the NFL operation in recent years — including ticketing and gate access systems and the various points of service for fans inside and outside of NFL stadiums. 


PSA: Make Sure to Update, iOS 16.6.1 and macOS 13.5.2 Address Actively Exploited Vulnerability 

The macOS 13.5.2, iOS 16.6.1, iPadOS 16.6.1, and watchOS 9.6.2 updates that Apple released today include fixes for security vulnerabilities that Apple says may have been actively exploited in the wild. According to Apple’s security support page, in iOS, iPadOS, and macOS, processing a maliciously crafted image could lead to arbitrary code execution, allowing a hacker to gain access to the operating system with a simple picture. Apple fixed the ImageIO process by addressing a buffer overflow issue to improve memory handling. 


North Korea-backed hackers target security researchers with 0-day 

North Korea-backed hackers are once again targeting security researchers with a zero-day exploit and related malware in an attempt to infiltrate computers used to perform sensitive investigations involving cybersecurity. The presently unfixed zero-day—meaning a vulnerability that’s known to attackers before the hardware or software vendor has a security patch available—resides in a popular software package used by the targeted researchers, Google researchers said Thursday. They declined to identify the software or provide details about the vulnerability until the vendor, which they privately notified, releases a patch. The vulnerability was exploited using a malicious file the hackers sent the researchers after first spending weeks establishing a working relationship. 


A secondhand account of the worst possible timing for a scammer to strike 

Up until last week, I had never considered the timing of a scam to be important. I’m so used to just swiping away emails or text messages at random times during the day that I’d never considered what would happen if an adversary happened to get me at just the right time. That’s what happened to my wife last week. We were on vacation, and I was away for a few hours at lunch with my friends while she and the other spouses stayed back with our children to hang out at the pool for a bit. She received a text message from an unknown number asking her to confirm a Zelle payment to someone she had never heard of for a not-insignificant amount of money. Not even a minute later, she received a call from the same number from someone claiming to represent our bank asking if the transaction was fraudulent and if she could provide some personal information to verify the transaction or cancel it. 
