AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 9/13/2024

Fortinet confirms data breach after hacker claims to steal 440GB of files

Cybersecurity giant Fortinet has confirmed it suffered a data breach after a threat actor claimed to steal 440GB of files from the company’s Microsoft SharePoint server. Fortinet is one of the largest cybersecurity companies in the world, selling secure networking products like firewalls, routers, and VPN devices. The company also offers SIEM, network management, and EDR/XDR solutions, as well as consulting services. Early this morning, a threat actor posted to a hacking forum that they had stolen 440GB of data from Fortinet’s Azure SharePoint instance. The threat actor then shared credentials to an alleged S3 bucket where the stolen data is stored for other threat actors to download.

 

Adobe fixed Acrobat bug, neglected to mention whole zero-day exploit thing

Adobe’s patch for a remote code execution (RCE) bug in Acrobat this week doesn’t mention that the vulnerability is considered a zero-day nor that a proof-of-concept (PoC) exploit exists, a researcher warns. As part of Adobe’s Patch Tuesday, the creative software slinger fixed CVE-2024-41869 – a vulnerability originally reported in June by researcher Haifei Li, founder of zero-day and exploit-detection platform Expmon. Li’s warning comes as the vulnerability was only assigned a 7.8-out-of-10 CVSS base score, which doesn’t carry the same weight as a critical severity rating. Considering there’s a PoC exploit out in the wild, altogether it means sysadmins may not give the vulnerability the level of prioritization it may deserve.

 

I stole 20GB of data from Capgemini – and now I’m leaking it, says cyber-crook

A miscreant claims to have broken into Capgemini and leaked a large amount of sensitive data stolen from the technology services giant – including source code, credentials, and T-Mobile’s virtual machine logs. The French multinational IT and consulting firm did not immediately respond to The Register’s request for comment, and has yet to formally confirm or deny the cyber-criminal’s claims. We will update this story if and when a spokesperson replies to our inquiries. We had heard rumblings of a recent security breach at Capgemini, which earlier declined to comment on those rumors.

 

New Vo1d malware infects 1.3 million Android TV streaming boxes

Threat actors have infected over 1.3 million Android TV streaming boxes with a new Vo1d backdoor malware, allowing the attackers to take full control of the devices. Android TV is Google’s operating system for smart TVs and streaming devices, offering an optimized user interface for TVs and remote navigation, integrated Google Assistant, built-in Chromecast, live TV support, and the ability to install apps. The operating system powers the smart TV features for numerous manufacturers, including TCL, Hisense, and Vizio TVs. It also acts as the operating system for standalone TV streaming media devices, such as the NVIDIA Shield.

 

Cyber insurance set for explosive growth

Cyber insurance is poised for exponential growth over the coming decade, but it remains a capital-intensive peril that requires structural innovation, according to CyberCube. The mid-range projection suggests that the US standalone cyber insurance market could reach $45 billion in premiums by 2034, a fivefold increase from today. However, product innovation will be required to achieve real growth in exposures rather than mainly rate increases, as seen in recent years. Given the low penetration rates for cyber risk coverage today, insurers and brokers need to achieve deeper penetration across organizations, offering larger limits and broader coverage with more clarity on terms and conditions.
