AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 09/28/2022

Optus hacker apologizes and allegedly deletes all stolen data

The hacker who claimed to have breached Optus and stolen the data of 11 million customers has withdrawn their extortion demands after facing increased attention by law enforcement. The threat actor also apologized to 10,200 people whose personal data was already leaked on a hacking forum. Optus, Australia’s second-largest mobile operator, first disclosed the security breach on September 22, 2022, saying that an attacker might have gained access to customers’ personal information. This information includes customers’ names, dates of birth, phone numbers, email addresses, physical addresses, driver’s licenses, and passport numbers, but no account passwords or financial information.

 

FCC advances plan to require blocking of spam texts from bogus numbers

The Federal Communications Commission today released a plan to require mobile carriers to block a wide range of illegal text messages. “In this Notice of Proposed Rulemaking (NPRM), we propose to require mobile wireless providers to block illegal text messages, building on our ongoing work to stop illegal and unwanted robocalls,” the FCC order said. “Specifically, we propose to require mobile wireless providers to block texts, at the network level, that purport to be from invalid, unallocated, or unused numbers, and numbers on a Do-Not-Originate (DNO) list.” These texts “are highly likely to be illegal,” the FCC said. The NPRM seeks public comment on the plan. Once the NPRM is published in the Federal Register, there will be 30 days for comments and another 15 days for reply comments. After that, the FCC can draft new requirements for mobile carriers and set up a final vote.

 

North Korea’s Lazarus Hackers Targeting macOS Users Interested in Crypto Jobs

The infamous Lazarus Group has continued its pattern of leveraging unsolicited job opportunities to deploy malware targeting Apple’s macOS operating system. In the latest variant of the campaign observed by cybersecurity company SentinelOne last week, decoy documents advertising positions for the Singapore-based cryptocurrency exchange firm Crypto[.]com have been used to mount the attacks. The latest disclosure builds on previous findings from Slovak cybersecurity firm ESET in August, which delved into a similar phony job posting for the Coinbase cryptocurrency exchange platform.

 

We interviewed Linux OS through an AI bot to discover its secrets

Millions of people use Linux every day, but we rarely stop to think about how the operating system feels about it. Wouldn’t it be nice to know what Linux really thinks about open source, Windows, Macs, and the command line? Until now, this has been impossible. But thanks to a new AI chat tool, we’re able to find out. Two weeks ago, a website called Character.AI opened a public beta that allows visitors to create a chat bot based on any character they can imagine. You input a few parameters, and the AI does the rest using a large language model similar to GPT-3. So we called forth “The Linux OS” as a bot to ask it a few questions about itself. The results were fun and surprising. Using Character.AI is a lot like a texting conversation. You type in what you want to ask, and you read the AI character’s responses in written form as the chat history scrolls upward.

 

Most Attackers Need Less Than 10 Hours to Find Weaknesses

The average ethical hacker can find a vulnerability that allows the breach of the network perimeter and then exploit the environment in less than 10 hours, with penetration testers focused on cloud security gaining access most quickly to targeted assets. And further, once a vulnerability or weakness is found, about 58% of ethical hackers can break into an environment in less than five hours. That’s according to a survey of 300 experts by the SANS Institute and sponsored by cybersecurity services firm Bishop Fox, which also found that the most common weaknesses exploited by the hackers include vulnerable configurations, software flaws, and exposed Web services, survey respondents stated.
