AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 3/16/2024

Former telecom manager admits to doing SIM swaps for $1,000

A former manager at a telecommunications company in New Jersey pleaded guilty to conspiracy charges for accepting money to perform unauthorized SIM swaps that enabled an accomplice to hack customer accounts. SIM swapping is an unauthorized porting of a targeted person’s phone number to another physical SIM card or eSIM chip controlled by the attacker. These types of attacks are usually conducted via social engineering attacks against customer support agents or through insiders at mobile companies.


As if working at Helldesk weren’t bad enough, IT helpers now targeted by cybercrims

IT helpdesk workers are increasingly the target of cybercriminals – a trend researchers have described as “the most noteworthy” of the past year. It’s not a novel phenomenon, nor is it being carried out in a very sophisticated way, Red Canary’s latest threat report notes, yet the trend is growing and miscreants are seeing greater rates of success. Keen infosec watchers will remember last year that the ransomware attack at MGM Resorts was, per the attacker’s own account of the situation (make of that what you will), orchestrated by phishing an IT helpdesk worker in just the space of 10 minutes.


International Monetary Fund email accounts hacked in cyberattack

The International Monetary Fund (IMF) disclosed a cyber incident on Friday after unknown attackers breached 11 IMF email accounts earlier this year. This international financial institution, funded by 190 member countries, is also a major United Nations financial agency headquartered in Washington, D.C. According to a press release published today, the IMF detected the incident in February and is now conducting an investigation to assess the attack’s impact.


McDonald’s blames global outage on third party

McDonald’s has revealed the technical problems which brought much of its fast food chain to a standstill on Friday were caused by a third party provider. The international restaurant said the global outage happened during a “configuration change” and stopped stores taking orders in the UK, Australia and Japan – amongst others. McDonald’s stressed the issue was not caused by a cyber attack. Stores in the UK and Australia are open again after their systems froze. Those in Japan are reportedly also resuming trade after being forced to close.


Forget TikTok – Chinese spies want to steal IP by backdooring digital locks

There’s another Chinese-manufactured product – joining the likes of TikTok, cars and semiconductors – that poses a national security risk to Americans: Electronic locks, such as those used in safes. In a letter to the US National Counterintelligence and Security Center (NCSC) director Michael Casey, Senator Ron Wyden (D-OR) urged the White House threat-intel arm to sound the alarm on commercial safes and locks. He also accused the Feds of intentionally keeping American businesses in the dark about the data-security risk to trade secrets and other sensitive IP while “quietly protecting government agencies from it.” NCSC spokesperon Dean Boyd told The Register “We’ve received the senator’s letter and are reviewing it.”


Cut submarine cables cause web outages across Africa; 6 countries still affected

Thirteen countries across Africa experienced Internet outages on Thursday due to damage to submarine fiber optic cables. Some countries, including Ghana and Nigeria, are still suffering from nationwide outages. Multiple network providers reported Internet outages yesterday, and Cloudflare’s Radar tool, which monitors Internet usage patterns, detailed how the outage seemingly moved from the northern part of West Africa to South Africa. All 13 countries (Benin, Burkina Faso, Cameroon, Côte d’Ivoire, Ghana, Guinea, Liberia, Namibia, Niger, Nigeria, South Africa, The Gambia, and Togo) reportedly suffered nationwide outages, with most seeing multiple networks hit.

Related Posts