InfoSec News Nuggets 3/7/2024

Hackers target Docker, Hadoop, Redis, Confluence with new Golang malware Hackers are targeting misconfigured servers running Apache Hadoop YARN, Docker, Confluence, or Redis with new Golang-based malware that automates the discovery and compromise of the hosts. The malicious tools used in the campaign take advantage of the configuration weaknesses and exploit an old vulnerability in Atlassian Confluence to execute code on the machine. Researchers at cloud forensics and incident response company Cado Security discovered the…

InfoSec News Nuggets 2/8/2024

Google Contributes $1 Million to Rust, Says It Prevented Hundreds of Android Vulnerabilities  Google today announced a grant of $1 million to the Rust Foundation, meant to help improve the interoperability between Rust and C++ code. The internet giant joined the Rust Foundation in 2021, for the same reason, and has adopted the memory-safe programming language across Android and other Google products, due to its benefits for addressing memory safety vulnerabilities. “Based on historical vulnerability density statistics, Rust…

InfoSec News Nuggets 12/18/2023

3CX warns customers to disable SQL database integrations  VoIP communications company 3CX warned customers today to disable SQL Database integrations because of risks posed by what it describes as a potential vulnerability. Although the security advisory released today lacks any specific information regarding the issue, it advises customers to take preventive measures by disabling their MongoDB, MsSQL, MySQL, and PostgreSQL database integrations. "If you're using an SQL Database integration it's subject potentially to a vulnerability - depending upon…

InfoSec News Nuggets 12/11/2023

Google admits AI viral video was edited to look better  A video showcasing the capabilities of Google's artificial intelligence (AI) model which seemed too good to be true might just be that. The Gemini demo, which has 1.6m views on YouTube, shows a remarkable back-and-forth where an AI responds in real time to spoken-word prompts and video. In the video's description, Google said all was not as it seemed - it had sped up responses…

InfoSec News Nuggets 10/27/2023

UK government accused of ‘vandalism’ over abolishing biometrics safeguards  The British government’s plans to remove safeguards around biometrics and public space surveillance were described on Thursday as “shocking” and “tantamount to vandalism” by an outgoing commissioner. Fraser Sampson, the biometrics and surveillance camera commissioner, said: “The loss of regulation and oversight in this key area comes just as the evolution of AI-driven biometric surveillance makes it more important than ever.” It comes as Prime Minister Rishi Sunak…

InfoSec News Nuggets 09/28/2023

Valve fails to get out of paying its EU geo-blocking fine Valve has failed to convince a court that it didn't infringe EU law by geo-blocking activation keys, according to a new ruling. The company argued that, based on copyright law, publishers had the right to charge different prices for games in different countries. However, the EU General Court confirmed that its geo-blocking actions "infringed EU competition law" and that copyright law didn't apply.   Google…

InfoSec News Nuggets 09/18/2023

TikTok hit with €345 million fine over privacy settings for children TikTok has been hit with a €345 million EU fine over the way it processes the personal data of children and teenage users, the first handed out by the bloc to the Chinese-owned social media platform. Ireland’s Data Protection Commission, the regulator responsible for holding TikTok Technology to EU data protection law, announced the fine on Friday after an investigation that began in September…

InfoSec News Nuggets 09/15/2023

Auckland transport authority hit by suspected ransomware attack  The Auckland Transport (AT) transportation authority in New Zealand is dealing with a widespread outage caused by a cyber incident, impacting a wide range of customer services. AT is the government-owned regional transportation authority in the Auckland region, responsible for public transport through ferries, busses, and trains and for designing and building roads and other infrastructure. The company has announced today that it's experiencing issues with its HOP services (integrated ticketing…

InfoSec News Nuggets 06/23/2023

Critical Flaw Found in WordPress Plugin for WooCommerce Used by 30,000 Websites  A critical security flaw has been disclosed in the WordPress "Abandoned Cart Lite for WooCommerce" plugin that's installed on more than 30,000 websites. "This vulnerability makes it possible for an attacker to gain access to the accounts of users who have abandoned their carts, who are typically customers but can extend to other high-level users when the right conditions are met," Defiant's Wordfence said in an advisory. Tracked as CVE-2023-2986, the…

InfoSec News Nuggets 05/17/2023

ChatGPT's chief to testify before Congress as concerns grow about artificial intelligence risks  The head of the artificial intelligence company that makes ChatGPT will testify before Congress as lawmakers call for new rules to guide the rapid development of AI technology. OpenAI CEO Sam Altman is scheduled to speak at a Senate hearing Tuesday. His San Francisco-based startup rocketed to public attention after its release late last year of ChatGPT, a free chatbot tool that answers questions with convincingly…

InfoSec News Nuggets 04/06/2023

Hackers posed as reporters in attacks on North Korea experts, Google says  Government-backed hackers allegedly connected to the North Korean military targeted people with expertise in North Korea policy issues by posing as journalists, according to a new report. Researchers from Google’s Threat Analysis Group (TAG) released the report Wednesday as a follow-up to one published last week by cybersecurity firm Mandiant — which is owned by Google. Mandiant’s report highlighted the work of APT43, a group of…

InfoSec News Nuggets 02/14/2023

Don't Get Scammed This Valentine's Day  Valentine's Day can be a tough time to be single, but be careful who you connect with. That beautiful blond woman or superhot guy messaging you may be after more than just your love and affection. Experts warn that this is peak season for online romance scams, which accounted for a staggering $1.3 billion in losses last year, according to the Federal Trade Commission. The pandemic and our increasingly digital lives mean…

InfoSec News Nuggets 11/15/2022

Australia to 'stand up and punch back' against cyber crims Australia's government has declared the nation is planning to go on the offensive against international cyber crooks following recent high-profile attacks on local health insurer Medibank and telco Optus. The aggressive posture was expressed in the announcement of a "Joint standing operation" that will see the Australian Federal Police and the Australian Signals Directorate (Australia's GCHQ/NSA analog) run a team with a mission "to investigate,…

InfoSec News Nuggets 10/18/2022

International crackdown on West-African financial crime rings  Behind the headlines that emerged earlier this month on the arrest of two suspected online scammers in South Africa lies a global police operation coordinated by INTERPOL. Codenamed Operation Jackal, the joint law enforcement effort mobilized 14 countries across four continents in a targeted strike against Black Axe and related West-African organized crime groups. Operation Jackal marks the first time INTERPOL has coordinated a global operation specifically against Black Axe, which is…

InfoSec News Nuggets 10/05/2022

In 2023, Google can notify you if personal info pops up in search Starting “early next year,” Google will be able to notify you if your personal info, such as your phone number, email, or home address, shows up in search results as part of its “results about you” tool. The announcement comes as Google has officially started rolling out the tool, which lets people easily create takedown requests for results with their personal info.…

InfoSec News Nuggets 08/31/2022

Singapore clocks higher ransomware attacks, warns of IoT risks Ransomware and phishing attacks continue to climb in Singapore, hitting small and midsize businesses (SMBs) and social media platforms. Cybercriminals also are expected to turn their attention to Internet of Things (IoT) devices and crypto-based transactions, leveraging the lack of security safeguards on these platforms.  Some 55,000 local-hosted phishing URLs were identified last year, up 17% from 2020, with social media companies accounting for more than…

InfoSec News Nuggets 08/22/2022

Google blocks largest HTTPS DDoS attack 'reported to date' A Google Cloud Armor customer was hit with a distributed denial-of-service (DDoS) attack over the HTTPS protocol that reached 46 million requests per second (RPS), making it the largest ever recorded of its kind. In just two minutes, the attack escalated from 100,000 RPS to a record-breaking 46 million RPS, almost 80% more than the previous record, an HTTPS DDoS of 26 million RPS that Cloudflare mitigated in…

InfoSec News Nuggets 08/12/2022

It Might Be Our Data, But It’s Not Our Breach A cybersecurity firm says it has intercepted a large, unique stolen data set containing the names, addresses, email addresses, phone numbers, Social Security Numbers and dates of birth on nearly 23 million Americans. The firm’s analysis of the data suggests it corresponds to current and former customers of AT&T. The telecommunications giant stopped short of saying the data wasn’t theirs, but it maintains the records do…

InfoSec News Nuggets 07/01/2022

Google: Half of 2022's Zero-Days Are Variants of Previous Vulnerabilities Google Project Zero has observed a total of 18 exploited zero-day vulnerabilities in the first half of 2022, at least half of which exist because previous bugs were not properly addressed. According to Google Project Zero researcher Maddie Stone, nine of the in-the-wild zero-days seen so far this year could have been prevented had organizations applied more comprehensive patching. “On top of that, four of the 2022…

InfoSec News Nuggets 06/24/2022

Multiple Backdoored Python Libraries Caught Stealing AWS Secrets and Keys Researchers have discovered a number of malicious Python packages in the official third-party software repository that are engineered to exfiltrate AWS credentials and environment variables to a publicly exposed endpoint. The list of packages includes loglib-modules, pyg-modules, pygrata, pygrata-utils, and hkg-sol-utils, according to Sonatype security researcher Ax Sharma. The packages as well as the endpoint have now been taken down. "Some of these packages…

InfoSec News Nuggets 06/14/2022

Roblox Game Pass store used to sell ransomware decryptor A new ransomware is taking the unusual approach of selling its decryptor on the Roblox gaming platform using the service's in-game Robux currency. Roblox is an online kids gaming platform where members can create their own games and monetize them by selling Game Passes, which provide in-game items, special access, or enhanced features. To pay for these Game Passes, members must purchase them using an in-game…

InfoSec News Nuggets 03/11/2022

1 - Ukrainian IT Army Hijacked by Info-stealing Malware Security researchers are urging pro-Ukrainian actors to be wary of downloading DDoS tools to attack Russia, as they may be booby-trapped with info-stealing malware. In late February, Ukrainian vice prime minister, Mykhailo Fedorov, called for a volunteer “IT army” of hackers to DDoS Russian targets. However, Cisco Talos claimed that opportunistic cyber-criminals are looking to exploit the subsequent widespread outpouring of support for the Eastern European nation. Specifically,…

InfoSec News Nuggets 01/27/2022

Threats Are (Still) on the Rise: 2022 Ponemon Report Insider threats are a major risk for organizations of all sizes—and it’s expensive to ignore them. Insider threat incidents are costing businesses upwards of $15 million annually, on average. And it’s not just careless insiders who are to blame for insider threats; more organizations are reporting that credential theft is a growing concern in 2022. To compound matters, it now takes 85 days to contain an insider threat,…

InfoSec News Nuggets 12/31/2021

Supply chains, ransomware, zero trust and other security predictions for 2022 As 2021 draws to a close, no one in their right mind thinks that cybersecurity risk is just someone else’s problem anymore; major cybersecurity incidents like the SolarWinds breach and the Colonial Pipeline ransomware attack have raised cybersecurity awareness among public opinions and decision-makers.  The White House issued an Executive Order on cybersecurity in May to send a clear message about the administration’s priorities: create a nationwide commitment to enforcing…

InfoSec News Nuggets 12/28/2021

Amazon Alexa slammed for giving lethal challenge to 10-year-old girl An Amazon Echo owner was left shocked after Alexa proposed a dangerous challenge to her ten-year-old daughter. AI-powered virtual assistants like Alexa that power smart devices and speakers such as Echo, Echo Dot, and Amazon Tap, come with a plethora of capabilities. These include enabling the users to play simple verbal games or request "challenges" on demand. When sitting idle, such as during the holidays, it wouldn't be unusual for an Amazon…

InfoSec News Nuggets 12/20/2021

Facebook bans 7 'surveillance-for-hire' companies that spied on 50,000 users The parent company of Facebook and Instagram has banned seven firms it says used its platforms to spy on some 50,000 unsuspecting targets, including human rights activists, government critics, celebrities, journalists and ordinary people in more than 100 countries. These "surveillance-for-hire" companies were linked to around 1,500 accounts on Facebook and Instagram that were used to collect information on people and try to trick them…

InfoSec News Nuggets 12/09/2021

Google disrupts massive Glupteba botnet, sues Russian operators Google announced today that it has taken action to disrupt the Glupteba botnet that now controls more than 1 million Windows PCs around the world, growing by thousands of new infected devices each day. Glupteba is a blockchain-enabled and modular malware that has been targeting Windows devices worldwide since at least 2011, including the US, India, Brazil, and countries from Southeast Asia. Threat actors behind this malware strain…

InfoSec News Nuggets 10/07/2021

New TSA regulations to address cyberattack threat to rail systems The Transportation Security Administration will soon issue new regulations designed to make transit agencies and airlines better prepared for cyberattacks. Homeland Security Secretary Alejandro Mayorkas says that, under the new directive, railroads and rail-related entities deemed "higher-risk" will be required to appoint a point person in charge of cybersecurity, report cyber incidents to DHS' Cybersecurity and Infrastructure Security Agency and create a contingency plan for…

InfoSec News Nuggets 09/20/2021

Apple and Google Pull Opposition App From Russian Stores Following Kremlin Pressure On Friday morning, Bloomberg reported that Google and Apple have removed longtime opposition leader Alexei Navalny’s voter guide app from the App Store and Google Play store in Russia. Activists have charged the companies with bowing to Kremlin pressure. The Russian parliamentary elections began today and last through Sunday. On Thursday, Russian state media outlet Tass reported that Vasily Piskarev, head of the Committee on Safety and…

InfoSec News Nuggets 05/25/2021

1 - Audio maker Bose discloses data breach after ransomware attack Bose Corporation (Bose) has disclosed a data breach following a ransomware attack that hit the company's systems in early March. In a breach notification letter filed with New Hampshire's Office of the Attorney General, Bose said that it "experienced a sophisticated cyber-incident that resulted in the deployment of malware/ransomware across" its "environment." "Bose first detected the malware/ransomware on Bose's U.S. systems on March 7,…

InfoSec News Nuggets 05/19/2021

1 - iPhone calendar spam attacks on the rise Recently, we have seen an increasing number of reports from iPhone users about their calendars filling up with junk events. These events are most often either pornographic in nature, or claim that the device has been infected or hacked, and in all cases they contain malicious links. This phenomenon is known as “calendar spam.” Calendar spam became a big problem for Apple’s iCloud calendars back in 2016. At…

InfoSec News Nuggets 04/16/2021

1 - Capcom: Ransomware gang used old VPN device to breach the network Capcom has released a final update about the ransomware attack it suffered last year, detailing how the hackers gained access to the network, compromised devices, and stole personal information belonging to thousands of individuals. In early November 2020, Ragnar Locker ransomware hit the Japanese game developer and publisher, forcing Capcom to shut down portions of their network. In typical fashion for human-operated…

InfoSec News Nuggets 04/12/2021

1 - Hackers Hacked as Underground Carding Site is Breached Thousands of cyber-criminals have had their personal data leaked online after a popular carding forum was hacked, according to Group-IB. The Singapore-based security firm said it discovered that data belonging to users of the Swarmshop site was leaked to another underground forum on March 17. “The database was posted on a different underground forum and contained 12,344 records of the card shop admins, sellers and…

InfoSec News Nuggets 03/15/2021

Former Facebook insiders explain why the company is making such a big fuss over Apple’s upcoming privacy change For the past few weeks, Facebook has been running an ad campaign in defense of personalized advertisements, arguing that targeted ads are key to the success of small businesses. The catalyst for the campaign has been an ongoing battle between the social media company and Apple. The battle focuses on a unique device identifier on every iPhone and iPad called the IDFA.…

InfoSec News Nuggets 03/02/2021

The Rise of Vendor-Owned News Sites Underscores the Appetite for Cybersecurity Information One of the most prolific cybersecurity journalists, Catalin Cimpanu of ZDNet, left the popular CBS-owned tech publication on Friday. Today he joins The Record, a publication backed by the cybersecurity firm Recorded Future. (Catalin’s jump to Recorded Future is occurring the day after the firm issued a report on its startling discovery that a Chinese state-sponsored hacking group dubbed Red Echo introduced malware into Indian power…

InfoSec News Nuggets 01/29/2021

Arrest, Seizures Tied to Netwalker Ransomware U.S. and Bulgarian authorities this week seized the darkweb site used by the NetWalker ransomware cybercrime group to publish data stolen from its victims. In connection with the seizure, a Canadian national suspected of extorting more than $27 million through the spreading of NetWalker was charged in a Florida court. NetWalker is a ransomware-as-a-service crimeware product in which affiliates rent access to the continuously updated malware code in exchange for a…

InfoSec News Nuggets 11/16/2020

Microsoft says it’s time for you to stop using SMS and voice calls for multi-factor authentication Multi-factor authentication makes it much harder for hackers to break their way into your online accounts, even if they already know your password. An online account protected by MFA will prompt you to enter a separate one-time code – often constructed out of six random digits that expire after a short period of time – after you have entered…

InfoSec News Nuggets 10/21/2020

Seven mobile browsers vulnerable to address bar spoofing attacks An "address bar spoofing" vulnerability refers to a bug in a web browser that allows a malicious website to modify its real URL and show a fake one instead — usually one for a legitimate site. Address bar spoofing vulnerabilities have been around since the early days of the web, but they have never been so dangerous as they are today. While on desktop browsers there…

InfoSec News Nuggets 10/06/2020

SunCrypt ransomware group swears off medical entities, sets sights on cybersecurity firms When the SunCrypt ransomware group opened a leak site where they listed victims who had not paid their ransom demands, they attracted public attention and demonstrated their ability to use the media to their advantage. In following up on their previously disclosed victims and leaks, DataBreaches.net noticed that a medical entity who had been listed on SunCrypt’s site no longer appeared on it.…

InfoSec News Nuggets 09/28/2020

Google adds a COVID-19 layer to Google Maps Google continues to work on improving Google Maps and on Wednesday a "COVID-19 layer" started rolling out. With this layer, users can see areas where the virus is spreading and it is coded by color based on the number of people with the coronavirus in each region. The layer produces these color codes based on the seven-day average for the number of new COVID-19 cases per 100,000…

InfoSec News Nuggets 09/23/2020

FBI hopes a more aggressive cyber strategy will disrupt foreign hackers Last week saw a flurry of U.S. indictments of alleged Chinese and Iranian hackers as part of a multi-agency crackdown on foreign intelligence services. The Department of Treasury issued sanctions, the Department of Homeland Security advised companies on how to fend off hackers and U.S. intelligence agencies likely kept a close eye on possible reactions from Beijing and Tehran. At the center of the coordinated crackdowns, though, were…

InfoSec News Nuggets 09/02/2020

Former engineer pleads guilty to Cisco network damage, causing Webex Teams account chaos A former Cisco engineer has admitted to illegally accessing Cisco's network and wiping 456 virtual machines as well as causing disruption to over 16,000 Webex Teams accounts. Sudhish Kasaba Ramesh has taken a plea agreement in a federal court in San Jose after being accused of intentionally accessing a protected computer without authorization and recklessly causing damage, according to the US Department of Justice…

InfoSec News Nuggets 08/25/2020

Here's how to turn your old phone into a home security camera for free If you have some old phones collecting dust in a drawer somewhere, don't sell them for a fraction of what you bought them for. If they still turn on, you can put them to good use in your home. You could turn one into a baby monitor or a makeshift Google Home speaker, for example. Those are good ideas and you can find more in the link…

InfoSec News Nuggets 7/31/2020

US provides new expanded set of espionage charges against former Twitter employees The two former Twitter employees, Ahmad Abouammo and Ali Alzabarah, and the third person named Ahmed Almutairi were originally charged with fraudulently accessing private information and acting as illegal agents of a foreign government for allegedly spying on Twitter users critical of the Saudi royal family. This time around, the individuals have been charged with seven offences instead of two. The charges include acting as…

InfoSec News Nuggets 7/28/2020

A vigilante is sabotaging the Emotet botnet by replacing malware payloads with GIFs An unknown vigilante hacker has been sabotaging the operations of the recently-revived Emotet botnet by replacing Emotet payloads with animated GIFs, effectively preventing victims from getting infected. The sabotage, which started three days ago, on July 21, has grown from a simple joke to a serious issue impacting a large portion of the Emotet operation. According to Cryptolaemus, a group of white-hat security researchers tracking…

InfoSec News Nuggets 7/23/2020

TikTok might be sold to US investors to ward off security concerns Chinese short video platform TikTok is currently facing close scrutiny and risks being booted out of the US — which is home to some of its most popular content creators — but the app may find a lifeline there. The Information reports that a number of US-based investors who already have a stake in TikTok‘s parent company, ByteDance, are considering purchasing the subsidiary company to…

InfoSec News Nuggets 7/15/2020

MIT creates a soft-fingered robotic gripper that could eventually tie knots and sew stitches MIT’s Computer Science and Artificial Intelligence Lab (CSAIL) has shared the results of a new project in which it built a two-fingered robotic gripper, which has soft pads for dedicated and fine manipulation of objects like cables, sheets and more. The robot’s design is based on how humans use their fingers to do things like untangle wires and tie knots. To…

InfoSec News Nuggets 7/2/2020

Creepto Cash: personal data of thousands of users from the UK, Australia, South Africa, the US, Singapore exposed in bitcoin scam Group-IB, a global threat hunting and intelligence company headquartered in Singapore, has discovered thousands of personal records of users from the UK, Australia, South Africa, the US, Singapore, Spain, Malaysia and other countries exposed in a targeted multi-stage bitcoin scam. Victims’ phone numbers, which in most cases came with names and emails, were contained in personalized URLs used to redirect people to websites posing…

InfoSec News Nuggets 6/25/2020

Warning: ‘Invisible God’ Hacker Sold Access To More Than 135 Companies In Just Three Years Major antivirus companies, banks, insurance providers, government agencies, large hotels, wineries, restaurants, airlines. Think of almost any kind of company and there’s a good chance a prolific, financially-motivated hacker known as Fxmsp has broken into it, or attempted to, according to a report released Tuesday. Dubbed the “invisible god of networks,” he’s a suspected male from Kazakhstan who claimed to have broken…

InfoSec News Nuggets 6/23/2020

Activists publish 269GB of hacked US police force data Dubbed BlueLeaks, the group known as Distributed Denial of Secrets (DDoSecrets) has published 269GB of material providing insights into law enforcement and a wide array of US government activities. The public can also access the information in its entirety. These files include hundreds of thousands of images, as well as documents, tables, text files, videos and emails, with the complete dataset available to download by anybody…