AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 11/15/2024

Chinese national faces 20 years in US prison for laundering pig-butchering proceeds

One of the ringleaders of a scheme to launder millions stolen through cryptocurrency investment scams pleaded guilty in a California courtroom on Tuesday. Daren Li, 41, faces up to 20 years in prison for taking part in an operation that laundered more than $73 million stolen from people duped by so-called “pig-butchering” scams. Pig butchering typically involves a scammer forming a relationship with a victim on messaging platforms before persuading them to make fraudulent investments. 

 

Five Eyes infosec agencies list 2024’s most exploited software flaws

The cyber security agencies of the UK, US, Canada, Australia, and New Zealand have issued their annual list of the 15 most exploited vulnerabilities, and warned that attacks exploiting zero-day vulnerabilities have become more common. “More routine initial exploitation of zero-day vulnerabilities represents the new normal which should concern end-user organizations and vendors alike as malicious actors seek to infiltrate networks,” wrote Ollie Whitehouse, CTO of the UK’s National Cyber Security Centre. “To reduce the risk of compromise, it is vital all organizations stay on the front foot by applying patches promptly and insisting upon secure-by-design products in the technology marketplace,” he added.

 

Another major US healthcare organization has been hacked, with potentially major consequences

American Associated Pharmacies (AAP) is joining the ever-growing list of American healthcare organizations to have suffered a ransomware attack. Following the likes of Change Healthcare, Henry Schein, CommonSpirit, and many others, AAP appears to have suffered the classic double whammy – having its sensitive data stolen, and its systems encrypted. A report from The Register claims the company is yet to make an official statement regarding the attack, having only force-reset passwords for all of its users and notified them of the change.

 

Man who stole and laundered roughly $1B in bitcoin is sentenced to 5 years in prison

A computer expert who stole bitcoin worth billions of dollars at current prices — and then spent years laundering some of the hacked cryptocurrency with help from his wife — was sentenced on Thursday to five years in prison. Ilya Lichtenstein masterminded one of the largest-ever thefts from a virtual currency exchange before he and his wife, Heather Rhiannon Morgan, carried out an elaborate scheme to liquidate the stolen funds, according to federal prosecutors. U.S. District Judge Colleen Kollar-Kotelly told Lichtenstein that his theft was “meticulously planned” and not an impulsive act.

 

Fortinet patches VPN app flaw that could give rogue users, malware a privilege boost

A now-patched, high-severity bug in Fortinet’s FortiClient VPN application potentially allows a low-privilege rogue user or malware on a vulnerable Windows system to gain higher privileges from another user, execute code and possibly take over the box, and delete log files. The bug is tracked as CVE-2024-47574, and it earned a 7.8 out of 10 CVSS severity rating. It affects FortiClientWindows version 7.4.0, 7.2.4 through 7.2.0, 7.0.12 through 7.0.0, and 6.4.10 through 6.4.0. Fortinet patched the hole on Tuesday, so if you haven’t already, upgrade to a fixed release.

 

Millions of sensitive data records exposed online due to settings fault with this top Microsoft tool

Businesses in both the private and public sector have been leaking personally identifiable information (PII) on millions of people due to a fault with a Microsoft website builder platform. Experts from AppOmni revealed the leak stems from misconfigurations in Microsoft’s Power Pages, a low-code platform within the Microsoft Power Platform suite that allows users to build websites without needing to be expert coders. However, due to misconfigured access controls – namely excessive permissions granted to the Anonymous role – many websites were leaking “significant amounts of data”. That information included full names, email addresses, phone numbers, and home addresses.
