AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 1/24/2024

Jason’s Deli says customer data exposed in credential stuffing attack 

In data breach notifications sent to customers of its online platform, Jason’s Deli is warning that their personal data was exposed in credential stuffing attacks. Jason’s Deli is an American restaurant chain with 246 branches in 29 states, employing over 6,000 people and having an annual revenue of over $400 million. In the notification, Jason’s Deli says hackers obtained credentials of member accounts at Jason’s Deli from other sources and, on December 21, 2023, used them in a credential stuffing attack against the restaurant’s website.

 

X adds support for passkeys on iOS after removing SMS 2FA support last year 

X, formerly Twitter, today announced support for passkeys, a new and more secure login method than traditional passwords, which will become an option for U.S. users on iOS devices. The technology has been adopted by a number of apps as of late, including PayPal, TikTok, WhatsApp, and others. Initiated by Google, Apple, Microsoft, and the FIDO Alliance, alongside the World Wide Web Consortium, passkey technology aims to make passwordless logins available across different devices, operating systems, and web browsers. 

 

GitGot: GitHub leveraged by cybercriminals to store stolen data 

ReversingLabs researchers have discovered two malicious packages on the npm open source package manager that leverage GitHub to store stolen, Base64-encoded SSH keys lifted from developer systems that installed the malicious npm packages. Multiple versions of the malicious npm packages, warbeast2000 and kodiak2k, were identified in January, and have since been removed from npm. However, the campaign is just the latest example of cybercriminals and malicious actors using open source package managers and related infrastructure to support malicious software supply chain campaigns that target development organizations and end-user organizations.

 

Major US, UK Water Companies Hit by Ransomware 

Two major water companies, Veolia North America in the United States and Southern Water in the United Kingdom, have been targeted in ransomware attacks that resulted in data breaches. Veolia describes itself as the world’s largest private player in the water sector, providing water and wastewater services to tens of millions of people. In a notice posted on its website, Veolia North America revealed that its Municipal Water division was hit by ransomware last week. In response to the incident, the company took down the targeted backend systems and servers, which disrupted online bill payment systems. 

 

Tesla hacked, 24 zero-days demoed at Pwn2Own Automotive 2024 

Security researchers hacked a Tesla Modem and collected awards of $722,500 on the first day of Pwn2Own Automotive 2024 for three bug collisions and 24 unique zero-day exploits. Synacktiv Team (@Synacktiv) took home $100,000 after successfully chaining three zero-day bugs to get root permissions on a Tesla Modem. They also used two unique two-bug chains to hack a Ubiquiti Connect EV Station and a JuiceBox 40 Smart EV Charging Station, earning an additional $120,000. 
