AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 10/28/2024

Apple Intelligence bug bounty invites researchers to test its privacy claims

Apple is inviting investigations into the Private Cloud Compute (PCC) system that powers more computationally intensive Apple Intelligence requests. The company is also expanding its bug bounty program to offer payouts of up to $1,000,000 for people who discover PCC vulnerabilities. The company has boasted about how many AI features (branded as Apple Intelligence) will run on-device without leaving your Mac, iPhone, or other Apple hardware. Still, it will send more difficult requests to PCC servers that are built using Apple Silicon and a new operating system.

 

Black Basta ransomware poses as IT support on Microsoft Teams to breach networks

The Black Basta ransomware operation has moved its social engineering attacks to Microsoft Teams, posing as corporate help desks contacting employees to assist them with an ongoing spam attack. Black Basta is a ransomware operation active since April 2022 and responsible for hundreds of attacks against corporations worldwide. After the Conti cybercrime syndicate shut down in June 2022 following a series of embarrassing data breaches, the operation split into multiple groups, with one of these factions believed to be Black Basta.

 

China targeted phones of Trump, Vance and Harris campaign affiliates, sources say

A broad Chinese hacking campaign against U.S. telecommunication networks targeted the phones of Republican presidential nominee Donald Trump and his running mate, Sen. JD Vance, two sources familiar with the matter say. Another source told NBC News that people affiliated with the campaign of Vice President Kamala Harris were also targeted. The staff of Senate Majority Leader Chuck Schumer, D-N.Y., was also targeted, a Democratic source said. None of the four sources clarified whether campaign devices were successfully compromised or whether China stole their communications. It is unclear who in the Harris campaign was targeted or if others in the Trump campaign were targeted in addition to Trump and Vance.

 

German MPs and their staff fail simple phishing attack test

The Bundestag, the lower house of the German congress, conducted a secret penetration test (pen test) against members of parliament by sending phishing emails that supposedly came from the Bundestag administration. While many MPs and their staff members passed the test, Spiegel (machine translated) says that several fell for the faked email and disclosed sensitive information like usernames and passwords. All representatives and their staff eventually received a letter explaining the penetration test, saying, “This is absolutely necessary for an effective defense against real phishing campaigns.” However, it also added, “I would like to ask all those who have clicked on the links in the e-mails and, if necessary, entered login credentials and passwords to change their password as a precautionary measure.”

 

Delta Sues Cybersecurity Firm CrowdStrike Over Tech Outage That Canceled Flights

Delta Air Lines sued CrowdStrike on Friday, claiming the cybersecurity company had cut corners and caused a worldwide technology outage that led to thousands of canceled flights in July. The airline is asking for compensation and punitive damages from the outage, which started with a faulty update sent to several million Microsoft computers. Delta said the outage crippled its operations for several days, costing more than $500 million in lost revenue and extra expenses. CrowdStrike said Delta is giving “misinformation,” does not understand cybersecurity and is trying to shift blame for its slow recovery from the outage.

 

WordPress forces user conf organizers to share social media credentials, arousing suspicions

Organisers of WordCamps, community-organized events for WordPress users, have been ordered to take down some social media posts and share their login credentials for social networks. The order to share creds came from an employee of Automattic, the WordPress host whose CEO happens to be Matt Mullenweg, co-creator of WordPress. A letter sent to WordCamp organizers explains that the creds are needed due to “recurrent issues with new organizing teams losing access to the event’s social media accounts.” So far, so sensible.
