AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 09/11/2023

Cyber professionals say industry urgently needs to confront mental health crisis 

As the coronavirus pandemic swept the U.S. in early 2020, Pat, a security engineer, had more than just his own health to worry about. He was the lead engineer responsible for protecting vast amounts of data moving between large health care organizations and the Centers for Disease Control and Prevention. The toll of working 80-hour weeks wasn’t new to Pat, who has been in health care security for seven years, but the responsibility of safeguarding Americans’ vital information at such a crucial moment weighed heavily.

 

VPNs, Verizon, and Instagram Reels: how students are getting around the TikTok ban 

When he first read the email announcing that public universities in Texas had been asked to ban the use of TikTok on their campuses, UT Dallas student Eric Aaberg feared the worst. As a full-time content creator with over 10,000 followers on the platform, the app was central to his life. Would he be forced to delete it? Would he be punished if he were caught using it? “I was like, ‘Oh my gosh, are you serious?’” Aaberg recalls. “That’s so BS. There’s no way.” Then he learned the reality. UTD was making TikTok inaccessible on its campus-provided networks. For him, that was the extent of the ban. Aaberg immediately relaxed. “I was like, ‘Oh, that’s nothing,’” he says. 

 

Google rolls out Privacy Sandbox to use Chrome browsing history for ads 

Google has started to roll out its new interest-based advertising platform called the Privacy Sandbox, shifting the tracking of users’ interests from third-party cookies to the Chrome browser. When starting the Google Chrome browser, users will now see an alert titled ‘Enhanced ad privacy in Chrome’ that briefly describes the new ad platform.

 

Evil Telegram Mods Removed From Google Play 

Security researchers have revealed a number of lookalike Telegram apps on the official Play store which were modified to contain spyware. Since removed by Google, these apps were promoted in Chinese and Uighur as faster than the original Telegram and had been downloaded tens of thousands of times. Kaspersky said it was first alerted to unusual activity by a package in the apps called com.wsys. “The list of functions that call com.wsys, suggests that this piece of code means to get access to the user’s contacts. It looks fishy to say the least, considering that the package is not a part of the messenger’s standard feature set,” the security vendor explained in a blog post. 

 

Associated Press warns that AP Stylebook data breach led to phishing attack 

The Associated Press is warning of a data breach impacting AP Stylebook customers where the attackers used the stolen data to conduct targeted phishing attacks. The AP Stylebook is a commonly used guide on grammar, punctuation, and writing style for journalists, magazines, and newsrooms worldwide. This week, the Associated Press warned that an old third-party-managed AP Stylebook site that was no longer in use was hacked between July 16 and July 22, 2023, allowing the data for 224 customers to be stolen.

 

Rhysida ransomware gang claims to have hacked three more US hospitals

Recently the Rhysida ransomware group made the headlines because it announced the hack of Prospect Medical Holdings and the theft of sensitive information from the organization. In early August, a cyberattack disrupted the computer systems of multiple hospitals operated by Prospect Medical Holdings, which are located in multiple states, including California, Texas, Connecticut, Rhode Island, and Pennsylvania. Some emergency rooms in multiple hospitals in several states were forced to close and ambulances were diverted due to a cyberattack against their networks. BleepingComputer first reported that the group claimed to have stolen a database containing 500,000 social security numbers, corporate documents, and patient records. The Rhysida ransomware group threatened to leak the data stolen from Prospect Medical Holdings if the company did not pay a ransom of 50 Bitcoins (worth $1.3 million).
