InfoSec News Nuggets 6/24/2024

Australia alters CSAM detection rules after tech firms push back These rules aim to tackle CSAM content online, but changes have been made after critics said there were no safeguards to keep encryption protected. Australia’s independent online safety regulator has amended upcoming online safety rules to keep encryption protected, after the original draft faced criticism from tech companies. The rules aim to make online services do more to tackle child sexual abuse material (CSAM) and…
Read More

InfoSec News Nuggets 4/23/2024

Three suspected Chinese spies arrested in Germany — caught stealing sensitive tech secrets Three people suspected of stealing "innovative technologies for military use" for China have been arrested in Germany. Prosecutors say the individuals, referred to as Thomas R, Herwig F, and Ina F, acted for Chinese intelligence from around June 2022 onwards via a company in Dusseldorf. One of the individuals, Thomas R, was allegedly an agent for an employee of China's Ministry of…
Read More

InfoSec News Nuggets 09/01/2023

Google Removes ‘Pirate’ URLs from Users’ Privately Saved Links  To date, Google has processed more than seven billion copyright takedown requests for its search engine. The majority of the reported links are purged from Google's search index, as required by the DMCA. Recently, however, Google appears to gone a step further, using search takedowns to "moderate" users' privately saved links collections.    NYC subway security flaw seemingly exposes ‘impossible’ Apple Pay vulnerability  An inexcusable NYC…
Read More

InfoSec News Nuggets 01/13/2023

Microsoft retracts its report on Mac ransomware  Microsoft published on Jan. 5 — and then redacted on Jan. 6 — a report that detailed four ransomware families hitting macOS devices. When it comes to cybersecurity threats such as ransomware, most systems affected are usually Windows or Linux, so the news made a splash because it was about macOS devices. But Patrick Wardle, founder of the Objective-See Foundation, pointed out on Twitter that the report had no citations and closely aligned…
Read More

InfoSec News Nuggets 08/10/2021

ITG18: Operational Security Errors Continue to Plague Sizable Iranian Threat Group IBM Security X-Force threat intelligence researchers continue to track the infrastructure and activity of a suspected Iranian threat group ITG18. This group’s tactics, techniques and procedures(TTPs) overlap with groups known as Charming Kitten, Phosphorus and TA453. Since our initial report on the group’s training videos in May 2020, X-Force has uncovered additional operational security errors by this group. Our continued analysis led to the discovery of a malicious tool…
Read More