AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 8/12/2024

It’s not worth paying to be removed from people-finder sites, study says 

If you’ve searched your name online in the last few years, you know what’s out there, and it’s bad. Alternately, you’ve seen the lowest-common-denominator ads begging you to search out people from your past to see what crimes are on their record. People-search sites are a gross loophole in the public records system, and it doesn’t feel like there’s much you can do about it. Not that some firms haven’t promised to try. Do they work? Not really, Consumer Reports (CR) suggests in a recent study. 

 

Malware force-installs Chrome extensions on 300,000 browsers, patches DLLs 

An ongoing and widespread malware campaign force-installed malicious Google Chrome and Microsoft Edge browser extensions in over 300,000 browsers, modifying the browser’s executables to hijack homepages and steal browsing history. The installer and extensions, which are usually undetected by antivirus tools, are designed to steal data and execute commands on infected devices. The campaign was discovered by researchers at ReasonLabs who warn that the threat actors behind it employ diverse malvertising themes to achieve initial infection. 

 

Warnings Issued Over Cisco Device Hacking, Unpatched Vulnerabilities 

The US cybersecurity agency CISA on Thursday informed organizations about threat actors targeting improperly configured Cisco devices. The agency has observed malicious hackers acquiring system configuration files by abusing available protocols or software, such as the legacy Cisco Smart Install (SMI) feature. This feature has been abused for years to take control of Cisco switches, and this is not the first warning issued by the US government. “CISA also continues to see weak password types used on Cisco network devices,” the agency noted on Thursday. “A Cisco password type is the type of algorithm used to secure a Cisco device’s password within a system configuration file. The use of weak password types enables password cracking attacks.”

 

After global IT meltdown, CrowdStrike courts hackers with action figures and gratitude 

On Wednesday morning, thousands of cybersecurity professionals swarmed the halls of the Mandalay Bay Convention Center in Las Vegas, the epicenter of the annual Black Hat cybersecurity conference, where dozens of companies were advertising their wares. In the first row and with one of the biggest booths stood CrowdStrike, a company that has recently become a household name — but not because of its prowess in stopping malicious hackers. On July 19, CrowdStrike pushed a faulty software update that crashed at least 8.5 million computers all over the world, causing flight delays, disrupting hospitals’ operations — including some surgeries — and hamstringing several U.S. government agencies, among many other organizations that had to manually reboot computers and servers to get back to normal.

 

Black Hat USA 2024 – Summary of Vendor Announcements 

Hundreds of companies and organizations showcased their cybersecurity products and services last week at the 2024 edition of the Black Hat conference in Las Vegas. To help cut through the clutter, the SecurityWeek team is publishing a digest summarizing some of the announcements made by vendors at Black Hat USA 2024, including new products and services, updates to existing offerings, reports, and other initiatives.   
