AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 1/4/2024

Hacked Mandiant X Account Abused for Cryptocurrency Theft 

Mandiant’s account on the social media platform X, formerly Twitter, was hacked on Wednesday and abused to lure users to a website designed to steal cryptocurrency from victims. The account of Mandiant, which is part of Google Cloud, was renamed to ‘Phantom’ and its profile image and description were updated to appear affiliated with the legitimate Phantom cryptocurrency wallet. Messages posted on the hijacked account promoted a website hosted at claim-phntm.com, which claimed to distribute cryptocurrency tokens through an airdrop. In reality, the site is designed to steal users’ cryptocurrency.  


Russian Hackers Were Inside Ukraine Telecoms Giant For Months, Says Cyberespionage Chief 

Russian hackers were inside Ukrainian telecoms giant Kyivstar’s system from at least May last year in a cyberattack that should serve as a “big warning” to the West, Ukraine’s cyberespionage chief told Reuters. The hack, one of the most dramatic since Russia’s full-scale invasion nearly two years ago, knocked out services provided by Ukraine’s biggest telecoms operator for some 24 million users for days from December 12. In an interview, Illya Vityuk, the head of the Security Service of Ukraine’s (SBU) cybersecurity department, said the hack caused “disastrous” destruction and aimed to land a psychological blow and gather intelligence. 


23andMe blames users for security breach, says they should have been better at passwords 

Genetic testing company 23andMe is blaming its customers for the data breach it suffered in late 2023. According to TechCrunch, the firm sent a letter to a group of victims, claiming that these users “negligently recycled and failed to update their passwords following past security incidents unrelated to 23andMe.” “Therefore, the incident was not a result of 23andMe’s alleged failure to maintain reasonable security measures,” the letter reads. 


Nearly 1 million affected by ambulance service data breach 

Nearly one million people were affected by a data breach at a Massachusetts-based healthcare company last spring. Last week, Transformative Healthcare informed regulators in several U.S. states as well as the Department of Health and Human Services about a data breach that took place in April 2023. The company is contracted by hospitals and healthcare facilities to provide logistics services and other programs. 


LastPass Enforces 12-Character Master Passwords 

Two years after suffering a series of major breaches, LastPass has started implementing stricter password measures for its customers. These include the requirement for all customers to use a master password with at least 12 characters. This measure has been LastPass’ default option since 2018. In April 2023 it was made mandatory for new customers and existing customers who reset their master passwords. 


Law firm that handles data breaches was hit by data breach 

An international law firm that works with companies affected by security incidents has experienced its own cyberattack that exposed the sensitive health information of hundreds of thousands of data breach victims. San Francisco-based Orrick, Herrington & Sutcliffe said last week that hackers stole the personal information and sensitive health data of more than 637,000 data breach victims from a file share on its network during an intrusion in March 2023. Orrick works with companies that are hit by security incidents, including data breaches, to handle regulatory requirements, such as obtaining victims’ information in order to notify state authorities and the individuals affected. 
