AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 1/19/2024

New UEFI vulnerabilities send firmware devs industry wide scrambling 

UEFI firmware from five of the leading suppliers contains vulnerabilities that allow attackers with a toehold in a user’s network to infect connected devices with malware that runs at the firmware level. The vulnerabilities, which collectively have been dubbed PixieFail by the researchers who discovered them, pose a threat mostly to public and private data centers and possibly other enterprise settings. People with even minimal access to such a network—say a paying customer, a low-level employee, or an attacker who has already gained limited entry—can exploit the vulnerabilities to infect connected devices with a malicious UEFI. 

 

Thousands of Students Were Hit With a Cyberattack So Brutal Some of Them Puked. Then They Fought Back 

It was the return to class no one wanted. In the first few weeks of January, University of California, Irvine students found themselves fighting a hacking attempt targeting Discord groups the students and faculty used to chat about coursework and university news. Discord is an online forum and social media network that also allows users to talk over instant messages, video calls and other media. Some 3,000 users were reportedly affected in the attack, which involved posting extremely disturbing and violent images and videos to the Discord groups. Some of the people affected were so disgusted they vomited, according to one student who helped fend off the attack, Alina Kim, told the Orange County Register on Tuesday. 

 

Jamf discovers new malware disguised as popular macOS apps 

Jamf Threat Labs on Thursday announced that it has  on macOS. The malware is similar to the ZuRu malware that was discovered in 2021. The malware is being distributed through pirated software hosted in China. When a user launches the pirated app, a malicious dynamic library attached to the app uses a backdoor built with the open-source  post-exploitation tool. This allows the malware to avoid detection by anti-virus software. The malware then communicates with the attacker, who can load software on the target Mac and control it. 

 

Your Google News feed is likely filled with AI-generated articles 

AI-generated content can be found everywhere online, including your Google News feed. A report from 404 Media revealed that Google is boosting websites filled with AI-generated articles ripped from other outlets. While this isn’t a total surprise, the revelation is disappointing. Google News used to be a place you’d find the latest and most accurate information on most topics. But just because something makes it to Google News doesn’t necessarily mean the information is reliable. 

 

Quantum computing to spark ‘cybersecurity Armageddon,’ IBM says 

Governments and businesses are not prepared for the havoc quantum computers will sow in cybersecurity by the end of the decade, according to an International Business Machines Corp. Executive. “Is quantum going to really create a cybersecurity Armageddon?” Ana Paula Assis, IBM’s general manager of Europe, Middle East and Africa, said on a panel at the World Economic Forum in Davos. “It’s going to.” 

 

JPMorgan exec claims bank repels 45 billion cyberattack attempts per day 

The largest bank in the United States repels 45 billion – yes, with a B – cyberattack attempts per day, one of its leaders claimed at the World Economic Forum in Davos. Mary Callahan Erdoes, JPMorgan Chase’s CEO in charge of asset and wealth management, revealed the figure during a discussion of the future of banking at Davos yesterday, adding that the number is twice what the institution faced a year prior. JPMorgan Chase, the largest US bank by market cap, claims to have 62,000 technologists working to protect corporate assets – a figure Erdoes claims tops the engineer count at Google or Amazon. “Why? Because we have to,” Erdoes said.  

Related Posts