AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 12/01/2023

Suspected China-based hackers target Uzbekistan gov’t, South Koreans, Cisco says 

Hackers believed to be based in China are targeting the Uzbekistan Ministry of Foreign Affairs, as well as people in South Korea, with a strain of malware called SugarGh0st, according to a new report. Cisco published a blog on Thursday spotlighting the malware — which they believe is a variant of Gh0st RAT, an infamous tool used for more than a decade by a range of advanced persistent threat (APT) groups in attacks on diplomatic, political, economic, and military targets around the world. In the latest campaign identified by Cisco Talos researchers, a Chinese-speaking threat actor began attacking targets in August.


Regulator says stranger entered hospital, treated a patient, took a document … then vanished 

NHS Fife is on the wrong end of a stern ticking off by Britain’s data regulator after it made a howling privacy error that aided an as yet unknown person who had entered a hospital ward only to walk off with data on 14 patients. The “reprimand” [PDF] by the Information Commissioner’s Office is related to an alleged breach that took place at one of the sites that NHS Fife is responsible for. Due to a “lack of checks and formal processes” the unauthorized individual who was not employed by the health service was “handed” a document containing the personal data of 14 patients, and even helped administer care to one, the ICO investigation found.


Mark Zuckerberg posts a secret code while announcing the secret code feature for WhatsApp 

WhatsApp is rolling out new features to enhance user privacy. Mark Zuckerberg, the CEO of Meta, announced the secret code feature for Chat Lock by posting a secret code. The feature will allow users to protect their chats with a unique password. Additionally, WhatsApp is introducing two new shortcuts to quickly lock chats. The caption said: Rolling out secret code to Chat Lock on WhatsApp so you can protect your chats with a unique password. Now you can set your locked chats to only appear when you type the secret code in the search bar, so no one can “unintentionally” discover your most private conversations. 


Interpol makes first border arrest using Biometric Hub to ID suspect 

European police have for the first time made an arrest after remotely checking Interpol’s trove of biometric data to identify a suspected smuggler. The fugitive migrant, we’re told, gave a fake name and phony identification documents at a police check in Sarajevo, Bosnia and Herzegovina, while traveling toward Western Europe. And he probably would have got away with it, too, if it weren’t for you meddling kids Interpol’s Biometric Hub – a recently activated tool that uses French identity and biometrics vendor Idemia’s technology to match people’s biometric data against the multinational policing org’s global fingerprint and facial recognition databases. 


US judge halts pending TikTok ban in Montana 

A federal judge on Thursday temporarily blocked a ban on TikTok set to come into effect next year in Montana, saying the popular video sharing app was likely to win its pending legal challenge. US District Court Judge Donald Molloy placed the injunction on the ban until the case, originally filed by TikTok in May, has been ruled on its merits. Molloy deemed it likely TikTok and its users will win, since it appeared the Montana law not only violates free speech rights but runs counter to the fact that foreign policy matters are the exclusive domain of the federal government. 


New Tool Set Found Used Against Middle East, Africa and the US 

Unit 42 researchers observed a series of apparently related attacks against organizations in the Middle East, Africa and the U.S. We will discuss a set of tools used in the course of the attacks that reveal clues about the threat actors’ activity. We are sharing this research to provide detection, prevention and hunting recommendations to help organizations strengthen their overall security posture. 
