AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 5/8/2024

This Mac Malware Can Take Screenshots of Your Computer

Apple used to tout the fact that Macs didn’t get viruses, and while Apple definitely has good anti-malware software, their machines are far from impervious to infection. And with Macs more popular than ever, there exists even more potential malware out there, ready to steal your data and ruin your day. The latest can even take screenshots of what’s on your Mac’s monitor without your knowledge. Researchers from Kandji have discovered the threat targeting Macs, and it’s not great news. Kandji reports this new malware, which they’ve named “Cuckoo,” is a mix between spyware and an infostealer. They discovered it in apps hosted by a site called “DumpMedia,” which purported to convert songs on streaming services into MP3s.


United States Sanctions Senior Leader of the LockBit Ransomware Group

Today, the United States designated Dmitry Yuryevich Khoroshev, a Russian national and a leader of the Russia-based LockBit group, for his role in developing and distributing LockBit ransomware. This designation is the result of a collaborative effort with the U.S. Department of Justice, Federal Bureau of Investigation, the United Kingdom’s National Crime Agency, the Australian Federal Police, and other international partners. Concurrently, the Department of Justice is unsealing an indictment and the Department of State is announcing a reward offer for information leading to the arrest and/or conviction of Khoroshev. The United Kingdom and Australia are also announcing the designation of Khoroshev.


Why Your VPN May Not Be As Secure As It Claims

Virtual private networking (VPN) companies market their services as a way to prevent anyone from snooping on your Internet usage. But new research suggests this is a dangerous assumption when connecting to a VPN via an untrusted network, because attackers on the same network could force a target’s traffic off of the protection provided by their VPN without triggering any alerts to the user. When a device initially tries to connect to a network, it broadcasts a message to the entire local network stating that it is requesting an Internet address. Normally, the only system on the network that notices this request and replies is the router responsible for managing the network to which the user is trying to connect.


Biden signs bill to protect children from online sexual abuse and exploitation

On April 29, Senators Jon Ossoff (D-GA) and Marsha Blackburn (R-SC) proposed a bipartisan bill to protect children from online sexual exploitation. President Biden officially signed the REPORT Act into law on Tuesday. This marks the first time that websites and social media platforms are legally obligated to report crimes related to federal trafficking, grooming, and enticement of children to the National Center for Missing and Exploited Children’s (NCMEC) CyberTipline.


RSAC: Log4J Still Among Top Exploited Vulnerabilities, Cato Finds

Three years after the discovery of the Log4J vulnerability (CVE-2021-44228), its exploit remains one of the most frequently attempted exploits observed by cloud security provider Cato Networks. Cato Cyber Threat Research Labs (CTRL) published its inaugural SASE Threat Report for Q1 2024 on May 6 during the RSA Conference 2024. In the report, the firm observed that the Log4J exploit represented 30% of the outbound vulnerability exploitations and 18% of the inbound vulnerability exploitations detected in the first quarter of 2024.
