InfoSec News Nuggets 9/19/2024

Chinese spies spent months inside aerospace engineering firm's network via legacy IT

Chinese state-sponsored spies have been spotted inside a global engineering firm's network, having gained initial entry using an admin portal's default credentials on an IBM AIX server. In an exclusive interview with The Register, Binary Defense's Director of Security Research John Dwyer said the cyber snoops first compromised one of the victim's three unmanaged AIX servers in March, and remained inside the US-headquartered manufacturer's…

InfoSec News Nuggets 7/16/2024

Infoseccers claim Squarespace migration linked to DNS hijackings at Web3 firms

Security researchers are claiming a spate of DNS hijackings at web3 businesses is linked to Squarespace's acquisition of Google Domains last year. The theory is that cybercriminals may have picked up on a flaw in the method Squarespace used to migrate Google Domains customer data over to its servers, allowing them to guess the email addresses associated with admin accounts and register the account…

InfoSec News Nuggets 5/22/2024

AI Seoul Summit: 16 AI Companies Sign Frontier AI Safety Commitments

In a “historic first,” 16 global AI companies have signed new commitments to safely develop AI models. The announcement was made during the virtual AI Seoul Summit, the second event on AI safety co-hosted on May 21-22 by the UK and South Korea. The Frontier AI Safety Commitments’ signatories include some of the biggest US tech giants, such as Amazon, Anthropic, Google, IBM, Microsoft…

InfoSec News Nuggets 3/27/2024

Microsoft to shut down 50 cloud services for Russian businesses

Microsoft plans to limit access to over fifty cloud products for Russian organizations by the end of March as part of the sanctions requirements against the country issued by EU regulators last December. The suspension was initially scheduled for March 20, 2024, but it was moved to the end of the month to give impacted entities more time to set up alternative solutions. The news…

InfoSec News Nuggets 3/26/2024

Microsoft to shut down 50 cloud services for Russian businesses

Microsoft plans to limit access to over fifty cloud products for Russian organizations by the end of March as part of the sanctions requirements against the country issued by EU regulators last December. The suspension was initially scheduled for March 20, 2024, but it was moved to the end of the month to give impacted entities more time to set up alternative solutions. The news…

InfoSec News Nuggets 1/12/2024

Framework discloses data breach after accountant gets phished

Framework Computer disclosed a data breach exposing the personal information of an undisclosed number of customers after Keating Consulting Group, its accounting service provider, fell victim to a phishing attack. The California-based manufacturer of upgradeable and modular laptops says a Keating Consulting accountant was tricked on January 11 by a threat actor impersonating Framework's CEO into sharing a spreadsheet containing customers' personally identifiable information (PII) "associated with outstanding…

InfoSec News Nuggets 10/06/2023

Hundreds of malicious Python packages found stealing sensitive data

A malicious campaign that researchers observed growing more complex over the past half year has been planting on open-source platforms hundreds of info-stealing packages that counted about 75,000 downloads. The campaign has been monitored since early April by analysts at Checkmarx's Supply Chain Security team, who discovered 272 packages with code for stealing sensitive data from targeted systems. The attack has evolved significantly since it was…

InfoSec News Nuggets 05/10/2023

US authorities seize more domains linked to prolific DDoS-for-hire websites

U.S. authorities have seized 13 more domains linked to some of the world’s most popular DDoS-for-hire websites. These websites, also described as “booter” or “stressor” services, are marketed as legitimate security testing tools that allow admins to stress-test websites. In reality, the services are used for launching denial-of-service (DDoS) attacks designed to overwhelm websites and networks and force them offline. The DOJ announced on Monday that the FBI had…

InfoSec News Nuggets 01/31/2023

JD Sports says 10 million customers hit by cyber attack

Sportswear chain JD Sports has said stored data relating to 10 million customers might be at risk after it was hit by a cyber attack. The company said information that "may have been accessed" by hackers included names, addresses, email accounts, phone numbers, order details and the final four digits of bank cards. The data related to online orders between November 2018 and October 2020. JD Sports said it…

InfoSec News Nuggets 11/15/2022

Australia to 'stand up and punch back' against cyber crims

Australia's government has declared the nation is planning to go on the offensive against international cyber crooks following recent high-profile attacks on local health insurer Medibank and telco Optus. The aggressive posture was expressed in the announcement of a "Joint standing operation" that will see the Australian Federal Police and the Australian Signals Directorate (Australia's GCHQ/NSA analog) run a team with a mission "to investigate,…

InfoSec News Nuggets 10/27/2022

Vice Society Ransomware Campaigns Continue to Impact US Education Sector

The threat actor known as Vice Society has been conducting ransomware and extortion campaigns against the global education sector, particularly in the US. The findings come from Microsoft security researchers, who published an advisory about Vice Society (tracked by the tech giant as DEV-0832) on Tuesday. “Shifting ransomware payloads over time from BlackCat, QuantumLocker, and Zeppelin, DEV-0832’s latest payload is a Zeppelin variant that includes…

InfoSec News Nuggets 05/31/2022

Paper reveals a quarter of the world's internet users rely on infrastructure that is susceptible to attacks

About a quarter of the world's internet users live in countries that are more susceptible than previously thought to targeted attacks on their internet infrastructure. Many of the at-risk countries are located in the Global South. That's the conclusion of a sweeping, large-scale study conducted by computer scientists at the University of California San Diego. The researchers surveyed 75 countries. "We…

InfoSec News Nuggets 04/18/2022

CISA Alert on ICS, SCADA Devices Highlights Growing Enterprise IoT Security Risks

On April 13, the Department of Energy (DoE), the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory to warn that certain industrial control systems (ICS) and supervisory control and data acquisition (SCADA) devices can be targeted by advanced persistent threat (APT) actors who have the capability to gain full system access.…

InfoSec News Nuggets 02/23/2022

OKC Police rape kit info exposed in data breach of DNA contractor

Victims of past sexual assault who had their DNA collected in a rape kit by the Oklahoma City Police Department now face yet more uncertainty because of a data breach. Rape kits are used to collect DNA evidence by law enforcement agencies for sexual assault investigations. Saturday, those who had their DNA information stored by a contractor for OKCPD in connection to sexual…

InfoSec News Nuggets 08/23/2021

AT&T denies data breach after hacker auctions 70 million user database

AT&T says that they did not suffer a data breach after a well-known threat actor claimed to be selling a database containing the personal information of 70 million customers. The threat actor, known as ShinyHunters, began selling this database yesterday on a hacking forum with a starting price of $200,000 and incremental offers of $30,000. The hacker states that they are willing to sell it immediately for $1…

InfoSec News Nuggets 04/06/2021

Technology could make fighting COVID less restrictive but privacy will take a hit

Now that the world has completed a full circuit around the Sun with COVID as a passenger, it is possible to see which jurisdictions responded well, and which are still struggling to come to grips with the virus. Two of the nations held up as exemplars of how to fight COVID were Taiwan and New Zealand, but the approaches were very different: One has…

InfoSec News Nuggets 03/30/2021

Ransomware gang leaks data from US military contractor the PDI Group

A major supplier of military equipment to the US Air Force and militaries across the globe appears to have fallen victim to a ransomware attack. The victim is the PDI Group, an Ohio-based company that manufactures a wide range of ground support equipment for military needs, such as dollies, trollies, and platforms for transporting weapons, engines, and airplane parts during servicing operations. On Tuesday, the…

InfoSec News Nuggets 12/18/2020

Google sued by 10 states for alleged "anti-competitive conduct" in advertising

Ten states on Wednesday brought a lawsuit against Google, accusing the search giant of "anti-competitive conduct" in the online advertising industry, including a deal to manipulate sales with rival Facebook. Texas Attorney General Ken Paxton announced the suit, which was filed in a federal court in Texas, saying Google is using its "monopolistic power" to control pricing of online advertisements, fixing the market in…

InfoSec News Nuggets 11/03/2020

Twitter explains how it will handle misleading tweets about the US election results

Twitter recently updated its policies in advance of the U.S. elections to include specific rules that detailed how it would handle tweets making claims about election results before they were official. Today, the company offered more information about how it plans to prioritize the enforcement of its rules and how it will label any tweets that fall under the new guidelines. In…

InfoSec News Nuggets 10/01/2020

Cyberattack could trigger Article 5 response, NATO deputy secretary warns

NATO is adapting to security threats in cyberspace despite vulnerabilities exploited in the COVID-19 pandemic, Deputy Secretary Mircea Geoana said on Monday. He noted that NATO will establish a Cyberspace Operations Center as a part of its command structure, adding that a military cyber attack on a country qualifies as a cause for all NATO nations to come to its aid. "We agreed that a cyberattack could trigger Article…

InfoSec News Nuggets 7/20/2020

Iran-linked hackers recently targeted coronavirus drugmaker Gilead

Hackers linked to Iran have targeted staff at U.S. drugmaker Gilead Sciences Inc in recent weeks, according to publicly-available web archives reviewed by Reuters and three cybersecurity researchers, as the company races to deploy a treatment for the COVID-19 virus. In one case, a fake email login page designed to steal passwords was sent in April to a top Gilead executive involved in legal and corporate affairs, according…

InfoSec News Nuggets 11/15/2019

1 - Ransom payments averaging $41,000 per incident

The average ransom payment paid out by victims increased 13 percent, to $41,000, during the last three months, but researchers noted the rate of increase has plateaued. Researchers at Coveware credited the victims with being better prepared to restore their data on their own, negating the need to pay the ransom. However, that was not enough to offset malicious actors using Sodinokibi and GlobeImposter variants to go…

InfoSec News Nuggets 10/31/2019

1 - Apple Patches Tens of Vulnerabilities in macOS Catalina, iOS 13

Security updates released by Apple this week for iOS 13 and macOS Catalina 10.15 address roughly 40 vulnerabilities, including issues that affect both operating systems. macOS Catalina 10.15.1, the first security update for the latest major version of the operating system, fixes 33 vulnerabilities, including flaws that can be exploited through malicious applications or by getting the targeted user to process a specially crafted file.…