InfoSec News Nuggets 7/8/2024

OpenAI Did Not Disclose 2023 Breach to Feds, Public: Report  A hacker reportedly stole information on OpenAI's new technologies last year by breaking into the company's internal messaging systems. The messages from a company-wide meeting in April last year had employees discussing details of new artificial intelligence technologies, the New York Times reported, citing unnamed sources. The hacker did not access systems housing or building its applications, it said. OpenAI did not respond to a request…
Read More

InfoSec News Nuggets 06/20/2023

US Offers $10m Reward For MOVEit Attackers  The US Department of State has offered a $10m reward for information linking members of a Clop affiliate responsible for a recent data extortion campaign to a foreign government. Using the #StopRansomware hashtag, the department issued the announcement as part of its Rewards for Justice initiative. Launched in 1984, the program is designed to boost national security by soliciting information on terrorists, North Korean activity, cyber-threat actors and election interference.    Researchers Discover…
Read More

InfoSec News Nuggets 04/26/2023

Security Failures At TikTok’s Virginia Data Centers: Unescorted Visitors, Mystery Flash Drives And Illicit Crypto Mining  For years, TikTok has told lawmakers that the private data of its U.S. users is secured — and safe from potential influence or exfiltration — in a cluster of data centers located in Northern Virginia. But interviews with seven current and former employees and more than 60 documents, photos and videos from the data centers reveal that the centers have faced…
Read More

InfoSec News Nuggets 04/20/2023

The Car Thieves Using Tech Disguised Inside Old Nokia Phones and Bluetooth Speakers  A man sitting in the driver’s seat of a Toyota is repeatedly tapping a button next to the steering wheel. A red light flashes—no luck, the engine won’t start. He doesn’t have the key. In response, the man pulls up an usual tool: a Nokia 3310 phone. The man plugs the phone into the car using a black cable. He then flicks through…
Read More

InfoSec News Nuggets 02/03/2023

North Korean hackers stole research data in two-month-long breach  A new cyber espionage campaign dubbed 'No Pineapple!' has been attributed to the North Korean Lazarus hacking group, allowing the threat actors to stealthily steal 100GB of data from the victim without causing any destruction. The campaign lasted between August and November 2022, targeting organizations in medical research, healthcare, chemical engineering, energy, defense, and a leading research university. The operation was discovered by Finnish cybersecurity firm WithSecure, whose analysts…
Read More

InfoSec News Nuggets 12/07/2022

Pegasus spyware was used to hack reporters’ phones. I’m suing its creators Iwas warned in August 2020. A source told me to meet him at six o’clock at night in an empty parking lot in San Salvador. He had my number, but he contacted me through a mutual acquaintance instead; he didn’t want to leave a trace. When I arrived, he told me to leave my phone in the car. As we walked, he warned…
Read More