AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 6/28/2024

Shopping app Temu is “dangerous malware,” spying on your texts, lawsuit claims

Temu—the Chinese shopping app that has rapidly grown so popular in the US that even Amazon is reportedly trying to copy it—is “dangerous malware” that’s secretly monetizing a broad swath of unauthorized user data, Arkansas Attorney General Tim Griffin alleged in a lawsuit filed Tuesday. Griffin cited research and media reports exposing Temu’s allegedly nefarious design, which “purposely” allows Temu to “gain unrestricted access to a user’s phone operating system, including, but not limited to, a user’s camera, specific location, contacts, text messages, documents, and other applications.”


TeamViewer’s corporate network was breached in alleged APT hack

The remote access software company TeamViewer is warning that its corporate environment was breached in a cyberattack yesterday, with a cybersecurity firm claiming it was by an APT hacking group. “On Wednesday, 26 June 2024, our security team detected an irregularity in TeamViewer’s internal corporate IT environment,” TeamViewer said in a post to its Trust Center. “We immediately activated our response team and procedures, started investigations together with a team of globally renowned cyber security experts and implemented necessary remediation measures.”


‘Skeleton Key’ attack unlocks the worst of AI, says Microsoft

Microsoft on Thursday published details about Skeleton Key – a technique that bypasses the guardrails used by makers of AI models to prevent their generative chatbots from creating harmful content. As of May, Skeleton Key could be used to coax an AI model – like Meta Llama3-70b-instruct, Google Gemini Pro, or Anthropic Claude 3 Opus – into explaining how to make a Molotov cocktail. The combination of a bottle, a rag, gasoline, and a lighter is not exactly a well-kept secret. But AI companies have insisted they’re working to suppress harmful content buried within AI training data so things like recipes for explosives don’t appear.


U.S. indicts Russian GRU hacker, offers $10 million reward

The U.S. indicted Russian national Amin Timovich Stigal for his alleged role in cyberattacks targeting Ukrainian government computer networks in an operation from the Russian foreign military intelligence agency (GRU) prior to invading the country. The announcement from the Department of Justice (DoJ) says that in January 2022 Stigal and members of the GRU used a U.S.-based company to distribute the WhisperGate pseudo-ransomware to systems at dozens of Ukrainian government entities to destroy data. A Microsoft analysis at the time showed that although WhisperGate demanded a payment of $10,000 in Bitcoin, it practically acted as a data wiper that corrupted all disk partitions beyond restoration.


Chicago Children’s Hospital Says 791,000 Impacted by Ransomware Attack

Ann & Robert H. Lurie Children’s Hospital of Chicago is informing hundreds of thousands of individuals that their personal and health information has been compromised as a result of a ransomware attack. The children’s hospital took many of its systems offline in late January in response to a cyberattack. The incident resulted in limited access to medical records, disruptions to a patient portal, and hampered communications.  An investigation revealed that cybercriminals had access to Lurie Children’s systems between January 26 and January 31, 2024.  A wide range of information was compromised, including name, address, date of birth, dates of service, driver’s license number, Social Security number, email address, phone number, health claims information, medical condition or diagnosis, medical record number, medical treatment, and prescription information. 


Related Posts