AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 11/09/2023

Monero Project admits thieves stole 6-figure sum from a wallet in mystery breach 

The Monero Project is admitting that one of its wallets was drained by an unknown source in September, losing the equivalent of around $437,000 at today’s exchange rate. A Monero Project maintainer who goes by the alias of Luigi announced on November 2 that the project’s community crowdfunding system (CCS) wallet was drained of 2,675.73 XMR on September 1. The team behind Monero is trying to determine how the breach occurred but said it could be related to the ongoing wallet-draining attacks the community has seen since April. The funds were drained in nine separate transactions that took place in as many minutes. None of the project’s other wallets were affected, including the general fund, which is used to support the project’s development and occasionally to contribute to key community initiatives like conferences or research.


Sumo Logic discloses potential breach via compromised AWS credential 

Cloud-native big data and security analytics firm Sumo Logic is investigating a potential security incident within their platform, the company revealed on Tuesday. “On Friday, November 3rd, 2023, Sumo Logic discovered evidence of a potential security incident. The activity identified used a compromised credential to access a Sumo Logic AWS account,” the company said in its security notice. “We have not at this time discovered any impacts to our networks or systems, and customer data has been and remains encrypted.” Upon detecting suspicious activity, the company moved to secure its vulnerable infrastructure, change other potentially compromised credentials, bolster system security measures, and investigate the incident’s source and magnitude. 


A nasty Python package continues a trend of targeting developers 

Sometimes when malicious hackers meddle with open-source software development, the target isn’t the software — it’s the developers themselves. Researchers at cybersecurity firm Checkmarx say they have been tracking malware intended to infect the computers of developers who work with the popular Python language and have a need to obfuscate their code, or make it unreadable to prying eyes. 


Microsoft Azure Exploited to Create Undetectable Cryptominer 

Cryptomining can cause harm when someone runs it on another person’s device without authorization. SafeBreach Labs found that researchers can use trustworthy, widely used software to mine cryptocurrency without using many resources or incurring costs. In a report shared with Hackread.com ahead of publication on Wednesday, SafeBreach researchers demonstrated this by creating the first completely undetectable cryptominer that operates freely using Microsoft Azure’s Automation service. This service is specifically made to automate cloud-management tasks, eliminating the need for building or maintaining infrastructure. Users only need to provide the scripts for execution.


Court rules automakers can record and intercept owner text messages 

A federal judge on Tuesday refused to bring back a class action lawsuit alleging four auto manufacturers had violated Washington state’s privacy laws by using vehicles’ on-board infotainment systems to record and intercept customers’ private text messages and mobile phone call logs. The Seattle-based appellate judge ruled that the practice does not meet the threshold for an illegal privacy violation under state law, handing a big win to automakers Honda, Toyota, Volkswagen and General Motors, which are defendants in five related class action suits focused on the issue. One of those cases, against Ford, had been dismissed on appeal previously. 


The UK just laid out new rules for the internet — it only gets harder from here 

After the Online Safety Act’s arduous multiyear passage through the UK’s lawmaking process, regulator Ofcom has published its first guidelines for how tech firms can comply with the mammoth legislation. Its proposal — part of a multiphase publication process — outlines how social media platforms, search engines, online and mobile games, and pornography sites should deal with illegal content like child sexual abuse material (CSAM), terrorism content, and fraud.  
