InfoSec News Nuggets 11/15/2024

Chinese national faces 20 years in US prison for laundering pig-butchering proceeds One of the ringleaders of a scheme to launder millions stolen through cryptocurrency investment scams pleaded guilty in a California courtroom on Tuesday. Daren Li, 41, faces up to 20 years in prison for taking part in an operation that laundered more than $73 million stolen from people duped by so-called “pig-butchering” scams. Pig butchering typically involves a scammer forming a relationship with a…
Read More

InfoSec News Nuggets 9/13/2024

Fortinet confirms data breach after hacker claims to steal 440GB of files Cybersecurity giant Fortinet has confirmed it suffered a data breach after a threat actor claimed to steal 440GB of files from the company's Microsoft Sharepoint server. Fortinet is one of the largest cybersecurity companies in the world, selling secure networking products like firewalls, routers, and VPN devices. The company also offers SIEM, network management, and EDR/XDR solutions, as well as consulting services. Early this…
Read More

InfoSec News Nuggets 11/17/2023

Samsung Data Breach: Hackers Steal Data of UK Customers  Samsung has notified its customers in the United Kingdom that a data breach has exposed the personal information of thousands of individuals. The breach impacted customers who made purchases on the company’s UK online store between July 1, 2019, and June 30, 2020. The company discovered the breach on November 13, 2023, and determined that an unauthorized individual exploited a vulnerability in a third-party business application to…
Read More

InfoSec News Nuggets 11/30/2022

Espionage group using USB devices to hack targets in Southeast Asia USB devices are being used to hack targets in Southeast Asia, according to a new report by cybersecurity firm Mandiant. The use of USB devices as an initial access vector is unusual as they require some form of physical access — even if it is provided by an unwitting employee — to the target device. Earlier this year the FBI warned that cybercriminals were…
Read More

InfoSec News Nuggets 10/13/2022

The Real Threat From A.I. Isn’t Superintelligence. It’s Gullibility. The rapid rise of artificial intelligence over the past few decades, from pipe dream to reality, has been staggering. A.I. programs have long been chess and Jeopardy! Champions, but they have also conquered poker, crossword puzzles, Go, and even protein folding. They power the social media, video, and search sites we all use daily, and very recently they have leaped into a realm previously thought unimaginable…
Read More

InfoSec News Nuggets 09/09/2021

Half a million Fortinet VPN passwords leaked online A cybercriminal has released credentials associated with almost half a million Fortinet VPN accounts online. The account information was supposedly scraped from Fortinet devices, by exploiting a security vulnerability that first came to light in April. Although months have elapsed since a patch was released, many of the credentials remain current, the hacker claims. The data was made public by a threat actor known as Orange, who has a…
Read More