AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 1/10/2024

Fidelity National Financial says hackers stole data on 1.3 million customers 

Real estate services giant Fidelity National Financial has confirmed hackers stole data on 1.3 million of its customers during a November cyberattack that knocked the company offline for a week. FNF said in a filing Tuesday with federal regulators: “We determined that an unauthorized third-party accessed certain FNF systems, deployed a type of malware that is not self-propagating, and exfiltrated certain data.” The company said it has “notified its affected customers and applicable state attorneys general and regulators, and approximately 1.3 million potentially impacted consumers.” 

US SEC’s X account hacked to announce fake Bitcoin ETF approval 

The X account for the U.S. Securities and Exchange Commission was hacked today to issue a fake announcement on the approval of Bitcoin ETFs on security exchanges. The announcement came this afternoon in a now-deleted tweet from the SEC’s hacked X account. “Today the SEC grants approval to Bitcoin ETFs for listing on registered national security exchanges,” read the fake X post. 

 
Hackers hit Moscow internet provider in response to Kyivstar cyber attack 

Hackers linked to Ukraine’s main spy agency have breached computer systems at a Moscow-based internet provider in retaliation for a Russian cyber attack against Ukrainian telecom giant Kyivstar, a source with direct knowledge of the operation told Reuters on Tuesday. The hacking group, dubbed “Blackjack”, has previously been linked to the Security Service of Ukraine (SBU). The hackers deleted 20 terabytes of data at M9 Telecom, a small Russian internet and TV provider, leaving some Moscow residents without internet, the source said.

Entire population of Brazil possibly exposed in massive data leak 

Cybernews research revealed a publicly accessible Elasticsearch instance, which contained a staggering amount of private data belonging to Brazilian individuals. Elasticsearch is a commonly used tool for the search, analysis, and visualization of large volumes of data. The leaked data was not linked to a specific company or organization, preventing Cybernews from identifying the source of the leak. 

Flaw in AI Plugin Exposes 50,000 WordPress Sites to Remote Attack 

A critical vulnerability has been identified in the AI Engine plugin for WordPress, specifically affecting its free version with over 50,000 active installations. The plugin is widely recognized for its diverse AI-related functionalities, allowing users to create chatbots, manage content and utilize various AI tools such as translation, SEO and more. According to an advisory published today by Patchstack, the security flaw in question is an unauthenticated arbitrary file upload vulnerability in the plugin’s rest_upload function within the files.php module. 

 

China Says State-Backed Experts Crack Apple’s AirDrop 

Chinese state-backed experts have found a way to identify people who use Apple’s encrypted AirDrop messaging service, according to the Beijing municipal government. AirDrop allows users to send content to Apple devices in close proximity without an internet connection, encoded so they cannot be viewed by other people. The service was widely used by participants in pro-democracy protests in Hong Kong in 2019 that China’s central government eventually quelled. Apple also limited file-sharing for Chinese iPhone users in 2022 following protests against the ruling Communist Party’s stringent zero-Covid policy. 
