AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 12/10/2024

Apple sued for allegedly harboring child sexual abuse material on iCloud

A lawsuit was filed against Apple this weekend, accusing the company of knowingly allowing its iCloud storage service to be used for storing child sexual abuse material (CSAM). The suit, filed on behalf of thousands of victims of child sexual abuse, alleges Apple’s inaction has caused further harm to victims. The victim, a 27-year-old woman, filed the lawsuit after enduring abuse that began in infancy. She revealed that a relative molested her, recorded the abuse, and shared the images online. The woman continues to receive notifications from law enforcement about the discovery of these images on various devices, including one that was stored on Apple’s iCloud.

 

NATO’s New Integrated Cyber Defense Center to Be Operational by 2028

By 2028, NATO’s new Integrated Cyber Defense Center will be fully operational across multiple locations, enhancing the alliance’s ability to address escalating cyber threats. This was confirmed by Stefano Piermarocchi, the head of NATO’s cyber risk management portfolio, in a recent interview with Breaking Defense. He explained that the new center will streamline cyber defense processes to keep pace with emerging threats. “The idea of the center is to facilitate the dialogue with the industry, and to be sure that we’re able to speed up certain processes, to increase our ability to communicate … or to have a really more concrete dialogue with nations,” he noted. While the center will have multiple locations, its headquarters will be in Mons, Belgium.

 

Crooks stole AWS credentials from misconfigured sites then kept them in open S3 bucket

A massive online heist targeting AWS customers during which digital crooks abused misconfigurations in public websites and stole source code, thousands of credentials, and other secrets remains “ongoing to this day,” according to security researchers. Breach hunters Noam Rotem and Ran Locar identified and reported names and contact information of some of the miscreants involved to both the Israeli Cyber Directorate and AWS Fraud Team, according to Rotem, who spoke exclusively with The Register about their investigation.

 

US medical device giant Artivion says hackers stole files during cybersecurity incident

Artivion, a medical device company that manufactures implantable tissues for cardiac and vascular transplant applications, says its services have been “disrupted” due to a cybersecurity incident. In an 8-K filing with the SEC on Monday, Georgia-based Artivion, formerly CryoLife, said it became aware of a “cybersecurity incident” that involved the “acquisition and encryption” of data on November 21. This suggests the company was hit by ransomware, but Artivion has yet to confirm the nature of the incident and did not immediately respond to TechCrunch’s questions. No major ransomware group has claimed responsibility for the attack yet. 

 

‘Security Service Installed Spyware on My Phone,’ says Programmer who Fled Russia

Security researchers have discovered spyware covertly implanted on the phone of a Russian programmer who’d been held in custody by Russian authorities for supplying monetary aid to war-stricken victims in Ukraine. In June, The First Department, a legal assistance organization founded by exiled Russian human rights lawyer Ivan Pavlov, received a report from Kirill Parubets, a Russian programmer who’d been released from two weeks of administrative detention by the Russian Federal Security Service (FSB). Masked police officers had knocked on his door in April with guns in their hands. They searched the place, confiscated his phone and laptop, and incarcerated him and his wife over charges of high treason. The reason? He’d been sending monetary aid to Ukrainian citizens.

 

Bitfinex heist gets the Netflix treatment after ‘cringey couple’ sentenced

A documentary examining the 2016 Bitfinex burglars hits Netflix, bringing the curious case to living rooms for the first time. Biggest Heist Ever covers the story of Ilya Lichtenstein and Heather Morgan, described in the trailer as the “cringey couple” that pulled off a massive digital heist of nearly 120,000 Bitcoin eight years ago. At the time, the stolen tokens were worth around $69 million, although at today’s exchange rate, the sum would be north of $11 billion. Of course, The Register had the story first, but Netflix’s 87-minute rendition shows behind-the-scenes footage of the couple whom the documentary’s marketing team described as the Bitcoin Bonnie and Clyde, all in typical dramatized fashion.

Related Posts