AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 09/26/2023

California governor vetoes bill for obligatory human operators in autonomous trucks 

California Gov. Gavin Newsom has blocked a bill that would have required autonomous trucks weighing more than 10,000 pounds (4,536kg) to have human safety drivers on board while operating on public roads. The governor said in a statement that the legislation, which California Senate members passed in a 36-2 vote, was unnecessary. Newsom believes existing laws are sufficient to ensure there’s an “appropriate regulatory framework.” 

 

Mixin Network Halts Services After $200M Crypto Hack 

Mixin Network has temporarily suspended its deposit and withdrawal services after cybercriminals targeted the decentralized wallet service. The network, reportedly, has lost $200 million in funds. Mixin is a Hong Kong-based crypto firm that offers layer-2 protocol-like service to encourage cheaper and more efficient cross-chain transfers. The network posted its announcement on X (formerly Twitter), stating that on September 23, 2023, its cloud service provider’s database was hacked early Saturday morning, resulting in a loss of approx. US$200 million. “In the early morning of September 23…the database of Mixin Network’s cloud service provider was attacked by hackers, resulting in the loss of some assets on the mainnet. The funds involved are approximately US$200 million,” Mixin Network’s post on X read. 

 

SONY PLAYSTATION HACK: WHAT WE KNOW SO FAR ABOUT THE LAPSUS$ CYBERATTACK 

Sony is once again facing a potential security breach, this time by a ransomware group claiming to have hacked into PlayStation systems. The group, known as LAPSUS$, announced the alleged hack on their dark website on Sunday. While details remain scarce, this could have major implications for PlayStation users if true. According to the ransomware group, they have breached all Sony systems and stolen valuable data, including source code for games and firmware. As “proof,” they have shared some screenshots of what appears to be an internal login page, PowerPoint presentation, and file directory. 

 

Tech Giants Launch Post-Quantum Cryptography Coalition 

A new tech consortium launched today with a mission to drive adoption of post-quantum cryptography (PQC). The PQC Coalition features Microsoft, IBM, MITRE, PQShield, SandboxAQ and the University of Waterloo among its founding members. The goal will be to improve uptake of PQC in commercial and open source technologies. Quantum computing represents an existential threat to Shor’s algorithm – the bedrock on which all asymmetric encryption is built. 

 

NETSCOUT Identified Nearly 7.9 Million DDoS Attacks in 1H2023 According to Its Latest DDoS Threat Intelligence Report 

Global events like the Russia-Ukraine war and NATO bids have driven recent DDoS attack growth. Finland was targeted by pro-Russian hacktivists in 2022 during its bid to join NATO. Turkey and Hungary were targeted with DDoS attacks for opposing Finland’s bid. In 2023, Sweden experienced a similar onslaught around its NATO bid, culminating with a 500 Gbps DDoS attack in May. Overall, ideologically motivated DDoS attacks have targeted the United States, Ukraine, Finland, Sweden, Russia, and multiple other countries. 

 

Auckland Transport ignoring ransom deadline following ticket system hack 

Auckland Transport has dismissed a claim by a global hacker group that it will release data at 8pm Tuesday from the agency’s ticketing system, which is still recovering after being crashed in a cyber attack. The deadline claim has been made by a group known as Medusa, but AT said it would not be engaging, and believed no financial data had been lost. The AT HOP electronic ticketing system crashed nearly a fortnight ago after a cyber attack, meaning tens of thousands of commuters were unable to top-up their cards to pay for public transport trips. 

 

Related Posts