AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 11/03/2022

Data Breach of Missile Maker MBDA May Have Been Real: CloudSEK

The Adrastea threat actor group announced a data breach at MBDA, a European missile manufacturer with ties to NATO, back in July. At the time, the company promptly refuted the claims, saying that while some files were stolen, MBDA was not hacked, and its security systems remained intact. Further, the missile maker said the data made available online was “neither classified data nor sensitive.” Security researchers at CloudSEK have now written a new advisory about the alleged hacking campaign against MBDA. Published on Sunday, the technical write-up says CloudSEK’s researchers were able to obtain and analyze the password-protected ZIP file containing the samples from the data breach. “The password to unlock the file was mentioned in the post shared by the actor,” the advisory reads. “The ZIP file contained two folders.”


Browsers such as Google Chrome, Microsoft Edge, Apple Safari, or Mozilla Firefox are one of the most common ways people interact with the Internet. We use them for reading the news, checking email, shopping online, watching videos, and playing games. As a result, browsers are also a target for cyber attackers. Many people assume browsing online is safe if you only visit well-known, trusted websites. However, it is quite easy to accidentally click on or visit an unsafe web page, sometimes without even knowing it. In addition, the very websites you know and trust can be hacked, with cyber attackers installing malicious software on them. Finally, today’s browsers have many new features, which often can be confusing, and if misconfigured, expose you to even more dangers.

New TikTok Privacy Policy Confirms Chinese Staff Can Access European Users’ Data

Popular short-form video-sharing service TikTok is revising its privacy policy for European users to make it explicitly clear that user data can be accessed by some employees from across the world, including China. The ByteDance-owned platform, which currently stores European user data in the U.S. and Singapore, said the revision is part of its ongoing data governance efforts to limit employee access to users in the region, minimize data flows outside of it, and store the information locally. The privacy policy update applies to users located in the U.K., the European Economic Area (EEA), and Switzerland, and goes into effect on December 2, 2022, according to The Guardian.

New Mac app wants to record everything you do—so you can “rewind” it later

Yesterday, a company called Rewind AI announced a self-titled software product for Macs with Apple Silicon that reportedly keeps a highly compressed, searchable record of everything you do locally on your Mac and lets you “rewind” time to see it later. If you forget something you’ve “seen, said, or heard,” Rewind wants to help you find it easily. Rewind AI claims its product stores all recording data locally on your machine and does not require cloud integration. Among its promises, Rewind will reportedly let you rewind Zoom meetings and pull information from them in a searchable form.

US Treasury thwarts DDoS attack from Russian Killnet group

The US Treasury Department has thwarted a distributed denial of service (DDoS) attack that officials attributed to Russian hacktivist group Killnet. These are the same pro-Kremlin miscreants that claimed responsibility for knocking more than a dozen US airports’ websites offline on October 10 in similar network-traffic flooding incidents. The large-scale DDoS attack didn’t disrupt air travel or cause any operational harm to the airports. A day later, the same group claimed they unleashed another bot army on JPMorgan Chase, but saw similarly feeble results. According to Reuters, which first reported on the US Treasury incident, the Killnet DDoS flood didn’t have any operational impact on the agency and it happened a couple days before the Russians turned their attention to JPMorgan Chase. 
