AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 12/13/2022

North Korean Hackers Impersonate Researchers to Steal Intel

A prolific North Korean state hacking group has gone back to basics in a new attempt to understand Western thinking about the hermit nation, according to Microsoft. Instead of using spear-phishing emails and/or covert information-stealing malware, the hackers are using fairly simple impersonation tactics to get the information they want, the Microsoft Threat Intelligence Center (MSTIC) told Reuters. They’re doing this by sending emails to researchers and foreign affairs analysts, spoofed to appear as if sent by journalists and peers in the industry. These missives will ask straight out for the experts’ thoughts on North Korean security issues or even offer them money to write reports. One target, US-based analyst Daniel DePetris, told the newswire that he received emails from a purported think-tank researcher asking for a paper submission or comments on a draft.

Indiana sues TikTok, describes it as “Chinese Trojan Horse”

On Wednesday, the State of Indiana filed two lawsuits against TikTok, Inc., the company behind the app of the same name, and its parent company, ByteDance. The first suit alleges TikTok’s 12+ rating on the Apple App Store and a “T” for “Teen” rating in the Google Play Store and the Microsoft Store are misleading, as minors are repeatedly exposed to inappropriate content generated by the app’s algorithm. The second suit claims that TikTok violated consumer protection laws by not disclosing that China has access to sensitive user data. “TikTok is a wolf in sheep’s clothing,” court documents read, echoing what Federal Communications Commission (FCC) Chairman Brendan Carr said about TikTok back in July.

The weirdest security stories of 2022

There have been a lot of weird and frankly bizarre attacks over the course of 2022, nestled in amongst the usual ransomware outbreaks and data breaches. Whether we’re talking social media, email, or even malware, there’s been a mind-bending tale of tall behaviour in almost every corner. It’s time to forget about nation state attacks and the nagging sensation that every single piece of data ever created has ended up on a TOR site somewhere. For one brief moment in time, we’re going to wallow in weirdness.

Uber suffers new data breach after attack on vendor, info leaked online

Uber has suffered a new data breach after a threat actor leaked employee email addresses, corporate reports, and IT asset information stolen from a third-party vendor in a cybersecurity incident. Early Saturday morning, a threat actor named ‘UberLeaks’ began leaking data allegedly stolen from Uber and Uber Eats on a hacking forum known for publishing data breaches. The leaked data includes numerous archives claiming to be source code associated with mobile device management platforms (MDM) used by Uber and Uber Eats and third-party vendor services.

Twitter confirms recent user data leak is from 2021 breach

Twitter confirmed today that the recent leak of millions of members’ profiles, including private phone numbers and email addresses, resulted from the same data breach the company disclosed in August 2022. Twitter says its incident response team analyzed the user data leaked in November 2022 and confirms it was collected using the same vulnerability before it was fixed in January 2022. “In November 2022, some press reports published that Twitter users’ data had been allegedly leaked online,” reads the update.

Cloudflare’s zero-trust tools available free to public interest sites, nonprofits

Cloudflare on Monday said it was making its Cloudflare One suite of zero-trust tools available for free to at-risk public interest groups, as well as state and local election sites. The organizations in Cloudflare’s Project Galileo and Athenian Project will now have access to zero-trust tools that have typically been only available to large enterprises and are used by more than 10,000 Cloudflare customers. “Cloudflare is the only security provider ensuring that zero-trust is accessible to those most in need — the vulnerable groups in our society, journalists, and nonprofits, as well as the sites that ensure we have trusted, free, and fair elections in the United States,” said Matthew Prince, co-founder and CEO at Cloudflare. “These organizations face constant threats and need to be safe online to achieve their missions — and now they’ll have access to the same security architecture that Fortune 500 companies use.”
