InfoSec News Nuggets 2/2/2024

FBI disrupts Chinese botnet used for targeting US critical infrastructure
The FBI has disrupted the KV botnet, used by People’s Republic of China (PRC) state-sponsored hackers (aka “Volt Typhoon”) to target US-based critical infrastructure organizations. The threat actors used the KV botnet malware to hijack hundreds of US-based, privately-owned small office/home office (SOHO) routers and to hide their hacking activity towards “US and other foreign victims”. “The Volt Typhoon malware enabled China to hide, among other things,…

InfoSec News Nuggets 10/02/2023

Phishing, Smishing Surge Targets US Postal Service
Recent weeks have witnessed a significant increase in cyber-attacks targeting the US Postal Service (USPS), mainly through phishing and smishing campaigns. The surge in these attacks has prompted DomainTools researchers to delve into their origins and implications, with findings described in an advisory published on Thursday. One smishing message raised suspicions due to its peculiar language, suggesting the involvement of a non-native English speaker or reliance on translation…

InfoSec News Nuggets 02/15/2023

Ransomware attacks surge against US manufacturing plants
The manufacturing industry suffered at least 437 ransomware attacks in 2022, making up more than 70% of these types of costly and disruptive assaults that industrial companies faced last year, according to the cybersecurity firm Dragos. The number of attacks against manufacturing plants also jumped about 107% compared with the 211 recorded against the sector in 2021, according to data from Dragos, which specializes in cybersecurity for industrial systems.…

InfoSec News Nuggets 12/13/2022

North Korean Hackers Impersonate Researchers to Steal Intel
A prolific North Korean state hacking group has gone back to basics in a new attempt to understand Western thinking about the hermit nation, according to Microsoft. Instead of using spear-phishing emails and/or covert information-stealing malware, the hackers are using fairly simple impersonation tactics to get the information they want, the Microsoft Threat Intelligence Center (MSTIC) told Reuters. They’re doing this by sending emails to researchers and foreign…

InfoSec News Nuggets 06/16/2022

Bluetooth Signals Can Be Used to Track Smartphones, Say Researchers
Researchers warn Bluetooth signals can be used to track device owners via a unique fingerprinting of the radio signal. The technique was described in a paper presented at the IEEE Security and Privacy conference last month by researchers at the University of California San Diego. The paper suggests that minor manufacturing imperfections in hardware are unique to each device, and cause measurable distortions which can be used as…

InfoSec News Nuggets 11/15/2021

China’s next generation of hackers won’t be criminals. That’s a problem.
Criminals have a long history of conducting cyber espionage on China’s behalf. Protected from prosecution by their affiliation with China’s Ministry of State Security (MSS), criminals turned government hackers conduct many of China’s espionage operations. Alarming as it may sound, this is not a new phenomenon. An indictment issued by the U.S. Department of Justice last year, for example, indicated that the simultaneous criminal-espionage activity of two…

InfoSec News Nuggets 12/10/2020

Amnesia-33 vulnerabilities affect 158 vendors, millions of devices
Thirty-three vulnerabilities in open-source TCP/IP stacks often buried deep in internet-connected devices may cause years of issues for hundreds of manufacturers, and for business and home customers alike. Further complicating matters, manufacturers who are affected may not immediately know their devices are at risk. The package of vulnerabilities, discovered by researchers at Forescout and dubbed Amnesia-33, is buried deep in the supply chain: third-party software used in components…

InfoSec News Nuggets 08/31/2020

US sues to recover cryptocurrency funds stolen by North Korean hackers
The United States government has filed a lawsuit today seeking to seize control over 280 Bitcoin and Ethereum accounts that are believed to be holding funds North Korean hackers stole from two cryptocurrency exchanges. Court documents did not identify the hacked exchanges, but officials said the two hacks took place on July 1, 2019, and September 25, 2019. During the first incident, North Korean…