InfoSec News Nuggets 2/14/2025

British military drops basic training to fast track recruitment of ‘cyber warriors’ The British government is dropping the traditional fitness and weapons training for specialist cyber military recruits in order to address a cyber skills shortage within His Majesty’s Armed Forces, including in its arm for offensive operations in the National Cyber Force. The new pipeline will see up to 50 recruits accelerated into existing vacancies with either the Royal Navy or the Royal Air Force by the end…

InfoSec News Nuggets 2/12/2025

Security attacks on password managers have soared Cybercriminals are increasingly targeting password managers in an attempt to break into various important digital accounts. Picus Security detailed its findings in the newly-released Red Report 2025, based on an in-depth analysis of more than a million malware variants collected last year, finding a quarter of all malware (25%) targeted credentials in password stores. This, the researchers claim, represents a three-fold increase compared to the year before. “For the first…

InfoSec News Nuggets 2/11/2025

Label maker Avery says ransomware investigation also found credit-card scraper The world’s largest supplier of labels said a ransomware attack in December prompted an investigation that led to the discovery of a data breach impacting the information of about 67,000 customers. In breach notification letters, Avery Products said a ransomware attack was discovered on December 9 and prompted an in-depth investigation led by forensic experts. They found that “an unauthorized actor inserted malicious software that was…

InfoSec News Nuggets 2/10/2025

Coinbase accused of neglecting security, costing users up to $300M annually Cryptocurrency investigators ZachXBT and tanuki42 accused Coinbase of failing to address security vulnerabilities and scam incidents that have cost investors millions of dollars each month. On Feb. 3, independent crypto investigator ZachXBT and tanuki42 from zeroShadow reported that Coinbase users lost more than $65 million in December 2024 and January 2025 alone. Still, the duo claimed the losses were even higher, as their calculations…

InfoSec News Nuggets 2/4/2025

Microsoft passwords at risk as hackers exploit Google Forbes reports that hackers are targeting Microsoft advertiser accounts in an attempt to steal login information and access the advertising platform. Malwarebytes researchers discovered how hackers use malicious ads appearing on Google Search to get sensitive data. The cybersecurity company discovered that sponsored ads contained malicious links despite Google’s security measures. Malwarebytes contacted Google for a statement and received a response stating, “We expressly prohibit ads that aim…

InfoSec News Nuggets 2/3/2025

Facebook flags Linux topics as 'cybersecurity threats' — posts and users being blocked Facebook is banning posts that mention various Linux-related topics, sites, or groups. Some users may also see their accounts locked or limited when posting Linux topics. Major open-source operating system news, reviews, and discussion site DistroWatch is at the center of the controversy, as it seems to be the first to have noticed that Facebook's Community Standards had blackballed it. A post on the…

InfoSec News Nuggets 1/28/2025

DeepSeek’s top-ranked AI app is restricting sign-ups due to ‘malicious attacks’ After surging to the top of Apple’s App Store charts in the US, DeepSeek’s AI Assistant is now restricting new user sign-ups. According to an incident report page, registrations are being temporarily limited “due to large-scale malicious attacks on DeepSeek’s services,” though it’s unclear how these limitations are being applied. “Existing users can log in as usual,” DeepSeek said in its update. “Thanks for your…

InfoSec News Nuggets 1/27/2025

Someone is slipping a hidden backdoor into Juniper routers across the globe, activated by a magic packet Someone has been quietly backdooring selected Juniper routers around the world in key sectors including semiconductor, energy, and manufacturing, since at least mid-2023. The devices were infected with what appears to be a variant of cd00r, a publicly available "invisible backdoor" designed to operate stealthily on a victim's machine by monitoring network traffic for specific conditions before activating. It's…

InfoSec News Nuggets 1/24/2025

Microsoft's LinkedIn sued for disclosing customer information to train AI models Microsoft's (MSFT.O) LinkedIn has been sued by Premium customers who said the business-focused social media platform disclosed their private messages to third parties without permission to train generative artificial intelligence models. According to a proposed class action filed on Tuesday night on behalf of millions of LinkedIn Premium customers, LinkedIn quietly introduced a privacy setting last August that let users enable or disable…

InfoSec News Nuggets 1/23/2025

The Internet is (once again) awash with IoT botnets delivering record DDoSes We’re only three weeks into 2025, and it’s already shaping up to be the year of Internet of Things-driven DDoSes. Reports are rolling in of threat actors infecting thousands of home and office routers, web cameras, and other Internet-connected devices. Here is a sampling of research released since the first of the year. A post on Tuesday from content-delivery network Cloudflare reported on a recent…

InfoSec News Nuggets 1/22/2025

ChatGPT Crawler Vulnerability Let Attackers Trigger DDoS Attack On Any Websites OpenAI’s ChatGPT API has been found to have a significant crawler vulnerability that enables attackers to launch Distributed Denial of Service (DDoS) attacks on arbitrary websites. This vulnerability is a significant concern for both web administrators and enterprises since it poses substantial risks to website availability. According to Benjamin Flesch the vulnerability lies within the ChatGPT API, specifically in how it handles HTTP POST requests directed at…

InfoSec News Nuggets 1/21/2025

US issues final rule barring Chinese, Russian connected car tech The Commerce Department on Tuesday announced a new rule that will bar certain Chinese and Russian connected car technology from being imported to the United States. Software and hardware built into Vehicle Connectivity Systems (VCS) — such as telematics control units and cellular, satellite and Wi-fi functions — which are manufactured in China and Russia will be banned, along with any connected cars containing them.  Separately Russian…

InfoSec News Nuggets 1/16/2025

Microsoft stops using Bing to trick people into thinking they’re on Google Microsoft has quietly killed off its spoofed Google UI that it was using to trick Bing users into thinking they were using Google. Earlier this month you could search for “Google” on Bing and get a page that looked a lot like Google, complete with a special search bar, an image resembling a Google Doodle, and even some small text under the search bar just…

InfoSec News Nuggets 1/15/2025

UK floats ransomware payout ban for public sector A total ban on ransomware payments across the public sector might actually happen after the UK government opened a consultation on how to combat the trend of criminals locking up whole systems and taxpayers footing the bill. The consultation will consider views on extending the ransom payment ban from central government departments to all public services including hospitals, schools, local authorities, and state-operated transport networks. Announced today,…

InfoSec News Nuggets 1/14/2025

Ransomware crew abuses AWS native encryption, sets data-destruct timer for 7 days A new ransomware crew dubbed Codefinger targets AWS S3 buckets and uses the cloud giant's own server-side encryption with customer provided keys (SSE-C) to lock up victims' data before demanding a ransom payment for the symmetric AES-256 keys required to decrypt it. Halcyon threat hunters say they first spotted this criminal gang in December, and in recent weeks observed two such ransomware attacks…

InfoSec News Nuggets 1/13/2025

Cannabis company Stiiizy says hackers accessed customers’ ID documents Popular Los Angeles-based cannabis brand Stiiizy has confirmed that hackers accessed reams of sensitive customer data, including government-issued documents and medical cannabis cards, during a November cyberattack. In a data breach notice filed with California’s attorney general this week, Stiiizy said it was notified by its point-of-sale processing vendor that an “organized cybercrime group” had compromised the data from some of its retail locations.   Docker Desktop blocked…

InfoSec News Nuggets 1/10/2025

License Plate Readers Are Leaking Real-Time Video Feeds and Vehicle Data In just 20 minutes this morning, an automated license-plate-recognition (ALPR) system in Nashville, Tennessee, captured photographs and detailed information from nearly 1,000 vehicles as they passed by. Among them: eight black Jeep Wranglers, six Honda Accords, an ambulance, and a yellow Ford Fiesta with a vanity plate. This trove of real-time vehicle data, collected by one of Motorola’s ALPR systems, is meant to be accessible…

InfoSec News Nuggets 1/9/2025

Scammers Impersonate Authorities to Swipe OTPs with Remote Access Apps Cybersecurity researchers at Group-IB have discovered a sophisticated refund scam where scammers are using remote access tools and software to steal personal and financial information from victims in the Middle East. The modus operandi of the scam involves these scammers posing as government officials, gaining the trust of their targets by offering to help them claim refunds for unsatisfactory purchases. In return, scammers end up…

InfoSec News Nuggets 1/8/2025

Green Bay Packers' online store hacked to steal credit cards The Green Bay Packers American football team is notifying fans that a threat actor hacked its official online retail store in October and injected a card skimmer script to steal customers' personal and payment information. The National Football League team says it immediately disabled all checkout and payment capabilities after discovering on October 23 that the packersproshop.com website was breached. "On October 23, 2024, we…

InfoSec News Nuggets 1/7/2025

“Can you try a game I made?” Fake game sites lead to information stealers A new, malicious campaign is making the rounds online and it starts simple: Unwitting targets receive a direct message (DM) on a Discord server asking about their interest in beta testing a new videogame (targets can also receive a text message or an email). Often, the message comes from the “developer” themselves, as asking whether you can try a game that…

InfoSec News Nuggets 1/6/2025

US Treasury incident a clear warning on supply chain security in 2025 A major state-sponsored cyber incident that targeted the United States Department of the Treasury in the weeks prior to Christmas 2024 appears to have begun as the result of a compromise at a third-party tech support supplier, serving as a warning on the precarious security and vulnerable nature of technology supply chains for IT firms and their customers alike. The cyber attack was allegedly the…

InfoSec News Nuggets 1/3/2025

Cyberhaven Chrome Extension Hack Linked to Widening Supply Chain Campaign The supply chain attack in which cybersecurity firm Cyberhaven’s Chrome extension was compromised to steal users’ data appears to be part of a wider campaign in which at least 29 extensions were hit over the past year and a half. As part of the Cyberhaven incident, a threat actor gained access to the company’s Chrome Web Store administrator account and published a new version of the…

InfoSec News Nuggets 12/31/2024

Defense Giant General Dynamics Says Employees Targeted in Phishing Attack Aerospace and defense giant General Dynamics says threat actors compromised dozens of employee benefits accounts after a successful phishing campaign targeting its personnel. The unauthorized activity was discovered on October 10, after the attackers had accessed and made changes to the employee benefits accounts through a login portal hosted by a third party. According to the company, the attackers ran a fraudulent advertising campaign that…

InfoSec News Nuggets 12/30/2024

Emerging Threats & Vulnerabilities to Prepare for in 2025 In 2024, we at Dark Reading covered a variety of attacks, exploits, and, of course, vulnerabilities across the board. Here, we recount 10 emerging threats organizations should be prepared for — as detailed by Dr. Jason Clark in "10 Emerging Vulnerabilities Every Enterprise Should Know," a Dark Reading webinar — as they continuously rise and develop in 2025. Zero-days and their increase in volume across the…

InfoSec News Nuggets 12/26/2024

The Breachies 2024: The Worst, Weirdest, Most Impactful Data Breaches of the Year Every year, countless emails hit our inboxes telling us that our personal information was accessed, shared, or stolen in a data breach. In many cases, there is little we can do. Most of us can assume that at least our phone numbers, emails, addresses, credit card numbers, and social security numbers are all available somewhere on the internet. But some of these data breaches are more…

InfoSec News Nuggets 12/24/2024

Suspected LockBit dev, facing US extradition, 'did it for the money' An alleged LockBit ransomware developer is in custody in Israel and awaiting extradition to the United States. Israeli law enforcement arrested Rostislav Panev, 51, a dual Russian and Israeli national, in August at the request of the US. Panev faces 41 counts, including computer-related extortion, conspiracy to commit fraud, conspiracy to commit wire fraud, and intentional damage to a protected computer, according to a…

InfoSec News Nuggets 12/23/2024

China 'compromised' Canadian government networks and stole valuable info: spy agency Threat actors sponsored by China "compromised" Canadian government networks over the past five years and collected valuable information, says a new report from Canada's cyber spy agency. The Communications Security Establishment, responsible for foreign signals intelligence, cyber operations and cyber security, released its updated national cyber threat assessment on Wednesday. The assessment flags threats the agency sees as the most pressing ones facing individuals and…

InfoSec News Nuggets 12/20/2024

Don't fall for a mail asking for rapid Docusign action – it may be an Azure account hijack phish Unknown criminals went on a phishing expedition that targeted about 20,000 users across the automotive, chemical and industrial compound manufacturing sectors in Europe, and tried to steal account credentials and then hijack the victims' Microsoft Azure cloud infrastructure. After taking over victims' accounts, the miscreants signed into new devices using stolen creds so they could maintain…

InfoSec News Nuggets 12/19/2024

Man Accused of SQL Injection Hacking Gets 69-Month Prison Sentence The US Justice Department has announced the sentencing of 32-year-old Vitalii Antonenko, a man accused of hacking, credit card theft, and money laundering.  Antonenko, a resident of New York City, was arrested in March 2019 after returning from Ukraine. An indictment accusing him of participating in a cybercrime scheme was announced one year later.  The man pleaded guilty to conspiracy to engage in computer hacking, money laundering, and trafficking…

InfoSec News Nuggets 12/18/2024

Serbia: Authorities using spyware and Cellebrite forensic extraction tools to hack journalists and activists Serbian police and intelligence authorities are using advanced phone spyware alongside mobile phone forensic products to unlawfully target journalists, environmental activists and other individuals in a covert surveillance campaign, a new Amnesty International report has revealed.  The report, “A Digital Prison”: Surveillance and the Suppression of Civil Society in Serbia, documents how mobile forensic products made by Israeli company Cellebrite are being used…

InfoSec News Nuggets 12/16/2024

Data breach at Senior Dating website spills info of 765,000 users A database belonging to matchmaking site, Senior Dating, has been discovered on data leak site Have I Been Pwned (HIBP). The database contains the personally identifiable information of 765,517 users, and the site has since been shut down entirely. The compromised data breach stems from a Google-backed web development platform, Firebase. Another dating site with the same owner, Ladies.com, suffered a similar breach, with 118,809 users exposed.…

InfoSec News Nuggets 12/13/2024

Senators, witnesses: $3B for ‘rip and replace’ a good start to preventing Salt Typhoon-style breaches The $3 billion that Congress folded into the annual defense policy bill to remove Chinese-made telecommunications technology from U.S. networks would be a huge start to defending against breaches like the Salt Typhoon espionage campaign, senators and hearing witnesses said Wednesday. Federal Communications Commission Chairwoman Jessica Rosenworcel recently told Hill leaders that the $1.9 billion Congress had devoted to the “rip and…

InfoSec News Nuggets 12/12/2024

Top Mexican fintech firm leaks details on 1.6 million customers A Mexican fintech startup has been found holding a large database full of sensitive customer data wide open on the internet, available for anyone who knows where to look. Security researchers from Cybernews found the database in early September 2024 after a routine investigation of publicly available indexes. The database, belonging to a company called Kapital, contained sensitive data on 1.6 million Mexicans, including voter IDs and…

InfoSec News Nuggets 12/11/2024

Russia disrupts internet access in multiple regions to test ‘sovereign internet’ Residents of several Russian regions experienced internet disruptions over the weekend as local authorities attempted to disconnect them from the global network and test the country’s so-called “sovereign internet” infrastructure. According to a report by the U.S. nonprofit Institute for the Study of War (ISW), these trials mostly affected Russian regions populated by ethnic minorities, including Chechnya, Dagestan and Ingushetia. Data from the internet watchdog NetBlocks…

InfoSec News Nuggets 12/10/2024

Apple sued for allegedly harboring child sexual abuse material on iCloud A lawsuit was filed against Apple this weekend, accusing the company of knowingly allowing its iCloud storage service to be used for storing child sexual abuse material (CSAM). The suit, filed on behalf of thousands of victims of child sexual abuse, alleges Apple's inaction has caused further harm to victims. The victim, a 27-year-old woman, filed the lawsuit after enduring abuse that began in…

InfoSec News Nuggets 12/09/2024

Recently Charged Scattered Spider Suspect Did Poor Job at Covering Tracks A 19-year-old from California has been charged over his alleged role in Scattered Spider attacks, and court documents show that he did a poor job at covering his tracks. Bloomberg [paywalled article] reported that the teen, Remington Ogletree, was arrested last month and released on bail. According to court documents, Ogletree conducted cybercriminal activities between at least October 2023 and May 2024. He has been…

InfoSec News Nuggets 12/05/2024

U.S. Offered $10M for Hacker Just Arrested by Russia In January 2022, KrebsOnSecurity identified a Russian man named Mikhail Matveev as “Wazawaka,” a cybercriminal who was deeply involved in the formation and operation of multiple ransomware groups. The U.S. government indicted Matveev as a top ransomware purveyor a year later, offering $10 million for information leading to his arrest. Last week, the Russian government reportedly arrested Matveev and charged him with creating malware used to extort companies.…

InfoSec News Nuggets 12/04/2024

US agency proposes new rule blocking data brokers from selling Americans’ sensitive personal data The Consumer Financial Protection Bureau (CFPB) has proposed a new rule that would block data brokers from selling personal and financial information on Americans, including their Social Security numbers and phone numbers, under the Fair Credit Reporting Act (FCRA).  In proposing the new rules, months after President Biden signed an executive order to curb the sale of Americans’ private data, the U.S. consumer…

InfoSec News Nuggets 12/03/2024

Hackers claim to have cracked Microsoft's software licensing protection almost entirely A team of hackers claim that they have cracked "almost the entire Windows / Office software licensing protection". The breakthrough allows them to activate "almost any version of Windows and Office" permanently. Windows and Office installations require activation. This may happen behind the scene or when users enter product keys. Workarounds and hacks have been available for a long time. One popular choice requires…

InfoSec News Nuggets 12/02/2024

Police bust pirate streaming service making €250 million per month An international law enforcement operation has dismantled a pirate streaming service that served over 22 million users worldwide and made €250 million ($263M) per month. Italy's Postal and Cybersecurity Police Service announced the action, codenamed "Taken Down," stating they worked with Eurojust, Europol, and many other European countries, making this the largest takedown of its kind in Italy and internationally. "More than 270 Postal Police officers, in…

InfoSec News Nuggets 11/27/2024

US government agencies told to patch these critical security flaws or face attack The US Cybersecurity and Infrastructure Security Agency (CISA) has added a new critical vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning federal agencies they have a three-week deadline to apply the available patch, or stop using the affected software altogether. The agency added a missing authentication vulnerability to KEV tracked under CVE-2023-28461, which has a severity score of 9.8, and allows…

InfoSec News Nuggets 11/26/2024

7-Zip affected by dangerous vulnerability: users must update the app manually The popular file compression program 7-Zip is currently affected by a high-severity vulnerability that allows attackers to execute code on the victim’s machines, Trend Micro’s Zero Day Initiative (ZDI) has disclosed. The flaw has a severity score of 7.8 out of 10, and it affects all 7-Zip versions prior to 24.07. It was released on June 19th, 2024, and the current version is 24.08.…

InfoSec News Nuggets 11/25/2024

Now Online Safety Act is law, UK has 'priorities' – but still won't explain 'spy clause' The UK government has set out plans detailing how it will use the new law it has created to control online platforms and social media – with one telling exception. The Draft Statement of Strategic Priorities for online safety places an emphasis on platform providers preventing online harms in the first place, and collaborating with regulator Ofcom on how the new…

InfoSec News Nuggets 11/22/2024

Now Online Safety Act is law, UK has 'priorities' – but still won't explain 'spy clause' The UK government has set out plans detailing how it will use the new law it has created to control online platforms and social media – with one telling exception. The Draft Statement of Strategic Priorities for online safety places an emphasis on platform providers preventing online harms in the first place, and collaborating with regulator Ofcom on how the new…

InfoSec News Nuggets 11/21/2024

Fake Discount Sites Exploit Black Friday to Hijack Shopper Information A new phishing campaign is targeting e-commerce shoppers in Europe and the United States with bogus pages that mimic legitimate brands with the goal of stealing their personal information ahead of the Black Friday shopping season. "The campaign leveraged the heightened online shopping activity in November, the peak season for Black Friday discounts. The threat actor used fake discounted products as phishing lures to deceive…

InfoSec News Nuggets 11/20/2024

300 Drinking Water Systems in US Exposed to Disruptive, Damaging Hacker Attacks Over 300 drinking water systems that serve roughly 110 million people in the US are affected by vulnerabilities that could lead to service disruptions, a new report from the Environmental Protection Agency (EPA)’s Office of Inspector General (OIG) shows. A passive assessment of security defects in 1,062 drinking water systems that serve over 193 million individuals has revealed that a quarter of them…

InfoSec News Nuggets 11/19/2024

Porch pirates appear to be accessing AT&T data to track iPhone deliveries A new report today suggests that porch pirates – thieves who steal packages left on doorsteps shortly after delivery – have accessed tracking data from AT&T systems to follow iPhone deliveries. There has been a marked uptick in iPhones being stolen from doorsteps after being ordered from AT&T and delivered by Fedex, apparently with the help of real-time delivery updates.   Phobos Ransomware Administrator Extradited from South…

InfoSec News Nuggets 11/18/2024

Hackers now sending physical malicious letters, Swiss authorities warn Is there anything threat actors won’t do to gain initial access? Swiss authorities are warning about a new sophisticated cybersecurity threat – malicious counterfeit letters. Cyber bandits have launched a malicious campaign across Switzerland using counterfeit letters that appear to be from MeteoSwiss (the Federal Office of Meteorology and Climatology). The victims report that the letters contain a QR code asking recipients to download a new…

InfoSec News Nuggets 11/15/2024

Chinese national faces 20 years in US prison for laundering pig-butchering proceeds One of the ringleaders of a scheme to launder millions stolen through cryptocurrency investment scams pleaded guilty in a California courtroom on Tuesday. Daren Li, 41, faces up to 20 years in prison for taking part in an operation that laundered more than $73 million stolen from people duped by so-called “pig-butchering” scams. Pig butchering typically involves a scammer forming a relationship with a…

InfoSec News Nuggets 11/14/2024

Our heat map shows sectors with $7.1 trillion in debt face heightened cyber risk Cyber risk in the telecommunications, airlines, and power generation industries shifts to the highest level in our latest cyber heat map. Numerous other sectors, including manufacturing, education, medical products, mass transit, and ports, also show more acute risk than in our 2022 heat map, either due to rising exposure or weaker oversight than in other industries. Together, these sectors account for…