15 Nov 2022
By Mary

InfoSec News Nuggets 11/15/2022

Australia to 'stand up and punch back' against cyber crims Australia's government has declared the nation is planning to go on the offensive against international cyber crooks following recent high-profile attacks on local health insurer Medibank and telco Optus. The aggressive posture was expressed in the announcement of a "Joint standing operation" that will see the Australian Federal Police and the Australian Signals Directorate (Australia's GCHQ/NSA analog) run a team with a mission "to investigate,…
Read More
18 Oct 2022
By Mary

InfoSec News Nuggets 10/18/2022

International crackdown on West-African financial crime rings  Behind the headlines that emerged earlier this month on the arrest of two suspected online scammers in South Africa lies a global police operation coordinated by INTERPOL. Codenamed Operation Jackal, the joint law enforcement effort mobilized 14 countries across four continents in a targeted strike against Black Axe and related West-African organized crime groups. Operation Jackal marks the first time INTERPOL has coordinated a global operation specifically against Black Axe, which is…
Read More
05 Oct 2022
By Mary

InfoSec News Nuggets 10/05/2022

In 2023, Google can notify you if personal info pops up in search Starting “early next year,” Google will be able to notify you if your personal info, such as your phone number, email, or home address, shows up in search results as part of its “results about you” tool. The announcement comes as Google has officially started rolling out the tool, which lets people easily create takedown requests for results with their personal info.…
Read More
31 Aug 2022
By Mary

InfoSec News Nuggets 08/31/2022

Singapore clocks higher ransomware attacks, warns of IoT risks Ransomware and phishing attacks continue to climb in Singapore, hitting small and midsize businesses (SMBs) and social media platforms. Cybercriminals also are expected to turn their attention to Internet of Things (IoT) devices and crypto-based transactions, leveraging the lack of security safeguards on these platforms.  Some 55,000 local-hosted phishing URLs were identified last year, up 17% from 2020, with social media companies accounting for more than…
Read More
22 Aug 2022
By Mary

InfoSec News Nuggets 08/22/2022

Google blocks largest HTTPS DDoS attack 'reported to date' A Google Cloud Armor customer was hit with a distributed denial-of-service (DDoS) attack over the HTTPS protocol that reached 46 million requests per second (RPS), making it the largest ever recorded of its kind. In just two minutes, the attack escalated from 100,000 RPS to a record-breaking 46 million RPS, almost 80% more than the previous record, an HTTPS DDoS of 26 million RPS that Cloudflare mitigated in…
Read More
12 Aug 2022
By Mary

InfoSec News Nuggets 08/12/2022

It Might Be Our Data, But It’s Not Our Breach A cybersecurity firm says it has intercepted a large, unique stolen data set containing the names, addresses, email addresses, phone numbers, Social Security Numbers and dates of birth on nearly 23 million Americans. The firm’s analysis of the data suggests it corresponds to current and former customers of AT&T. The telecommunications giant stopped short of saying the data wasn’t theirs, but it maintains the records do…
Read More
01 Jul 2022
By Mary

InfoSec News Nuggets 07/01/2022

Google: Half of 2022's Zero-Days Are Variants of Previous Vulnerabilities Google Project Zero has observed a total of 18 exploited zero-day vulnerabilities in the first half of 2022, at least half of which exist because previous bugs were not properly addressed. According to Google Project Zero researcher Maddie Stone, nine of the in-the-wild zero-days seen so far this year could have been prevented had organizations applied more comprehensive patching. “On top of that, four of the 2022…
Read More
24 Jun 2022
By Mary

InfoSec News Nuggets 06/24/2022

Multiple Backdoored Python Libraries Caught Stealing AWS Secrets and Keys Researchers have discovered a number of malicious Python packages in the official third-party software repository that are engineered to exfiltrate AWS credentials and environment variables to a publicly exposed endpoint. The list of packages includes loglib-modules, pyg-modules, pygrata, pygrata-utils, and hkg-sol-utils, according to Sonatype security researcher Ax Sharma. The packages and as well as the endpoint have now been taken down. "Some of these packages…
Read More
14 Jun 2022
By Mary

InfoSec News Nuggets 06/14/2022

Roblox Game Pass store used to sell ransomware decryptor A new ransomware is taking the unusual approach of selling its decryptor on the Roblox gaming platform using the service's in-game Robux currency. Roblox is an online kids gaming platform where members can create their own games and monetize them by selling Game Passes, which provide in-game items, special access, or enhanced features. To pay for these Game Passes, members must purchase them using an in-game…
Read More
11 Mar 2022
By Mary

InfoSec News Nuggets 03/11/2022

1 - Ukrainian IT Army Hijacked by Info-stealing Malware Security researchers are urging pro-Ukrainian actors to be wary of downloading DDoS tools to attack Russia, as they may be booby-trapped with info-stealing malware. In late February, Ukrainian vice prime minister, Mykhailo Fedorov, called for a volunteer “IT army” of hackers to DDoS Russian targets. However, Cisco Talos claimed that opportunistic cyber-criminals are looking to exploit the subsequent widespread outpouring of support for the Eastern European nation. Specifically,…
Read More
27 Jan 2022
By Mary

InfoSec News Nuggets 01/27/2022

Threats Are (Still) on the Rise: 2022 Ponemon Report Insider threats are a major risk for organizations of all sizes—and it’s expensive to ignore them. Insider threat incidents are costing businesses upwards of $15 million annually, on average. And it’s not just careless insiders who are to blame for insider threats; more organizations are reporting that credential theft is a growing concern in 2022. To compound matters, it now takes 85 days to contain an insider threat,…
Read More
31 Dec 2021
By Mary

InfoSec News Nuggets 12/31/2021

Supply chains, ransomware, zero trust and other security predictions for 2022 As 2021 draws to a close, no one in their right mind thinks that cybersecurity risk is just someone else’s problem anymore; major cybersecurity incidents like the SolarWinds breach and the Colonial Pipeline ransomware attack have raised cybersecurity awareness among public opinions and decision-makers.  The White House issued an Executive Order on cybersecurity in May to send a clear message about the administration’s priorities: create a nationwide commitment to enforcing…
Read More
28 Dec 2021
By Mary

InfoSec News Nuggets 12/28/2021

Amazon Alexa slammed for giving lethal challenge to 10-year-old girl An Amazon Echo owner was left shocked after Alexa proposed a dangerous challenge to her ten-year-old daughter. AI-powered virtual assistants like Alexa that power smart devices and speakers such as Echo, Echo Dot, and Amazon Tap, come with a plethora of capabilities. These include enabling the users to play simple verbal games or request "challenges" on demand. When sitting idle, such as during the holidays, it wouldn't be unusual for an Amazon…
Read More
20 Dec 2021
By Mary

InfoSec News Nuggets 12/20/2021

Facebook bans 7 'surveillance-for-hire' companies that spied on 50,000 users The parent company of Facebook and Instagram has banned seven firms it says used its platforms to spy on some 50,000 unsuspecting targets, including human rights activists, government critics, celebrities, journalists and ordinary people in more than 100 countries. These "surveillance-for-hire" companies were linked to around 1,500 accounts on Facebook and Instagram that were used to collect information on people and try to trick them…
Read More
09 Dec 2021
By Mary

InfoSec News Nuggets 12/09/2021

Google disrupts massive Glupteba botnet, sues Russian operators Google announced today that it has taken action to disrupt the Glupteba botnet that now controls more than 1 million Windows PCs around the world, growing by thousands of new infected devices each day. Glupteba is a blockchain-enabled and modular malware that has been targeting Windows devices worldwide since at least 2011, including the US, India, Brazil, and countries from Southeast Asia. Threat actors behind this malware strain…
Read More
07 Oct 2021
By Mary

InfoSec News Nuggets 10/07/2021

New TSA regulations to address cyberattack threat to rail systems The Transportation Security Administration will soon issue new regulations designed to make transit agencies and airlines better prepared for cyberattacks. Homeland Security Secretary Alejandro Mayorkas says that, under the new directive, railroads and rail-related entities deemed "higher-risk" will be required to appoint a point person in charge of cybersecurity, report cyber incidents to DHS' Cybersecurity and Infrastructure Security Agency and create a contingency plan for…
Read More
20 Sep 2021
By Mary

InfoSec News Nuggets 09/20/2021

Apple and Google Pull Opposition App From Russian Stores Following Kremlin Pressure On Friday morning, Bloomberg reported that Google and Apple have removed longtime opposition leader Alexei Navalny’s voter guide app from the App Store and Google Play store in Russia. Activists have charged the companies with bowing to Kremlin pressure. The Russian parliamentary elections began today and last through Sunday. On Thursday, Russian state media outlet Tass reported that Vasily Piskarev, head of the Committee on Safety and…
Read More
25 May 2021
By Mary

InfoSec News Nuggets 05/25/2021

1 - Audio maker Bose discloses data breach after ransomware attack Bose Corporation (Bose) has disclosed a data breach following a ransomware attack that hit the company's systems in early March. In a breach notification letter filed with New Hampshire's Office of the Attorney General, Bose said that it "experienced a sophisticated cyber-incident that resulted in the deployment of malware/ransomware across" its "environment." "Bose first detected the malware/ransomware on Bose's U.S. systems on March 7,…
Read More
19 May 2021
By Mary

InfoSec News Nuggets 05/19/2021

1 - iPhone calendar spam attacks on the rise Recently, we have seen an increasing number of reports from iPhone users about their calendars filling up with junk events. These events are most often either pornographic in nature, or claim that the device has been infected or hacked, and in all cases they contain malicious links. This phenomenon is known as “calendar spam.” Calendar spam became a big problem for Apple’s iCloud calendars back in 2016. At…
Read More
16 Apr 2021
By Mary

InfoSec News Nuggets 04/16/2021

1 - Capcom: Ransomware gang used old VPN device to breach the network Capcom has released a final update about the ransomware attack it suffered last year, detailing how the hackers gained access to the network, compromised devices, and stole personal information belonging to thousands of individuals. In early November 2020, Ragnar Locker ransomware hit the Japanese game developer and publisher, forcing Capcom to shut down portions of their network. In typical fashion for human-operated…
Read More
12 Apr 2021
By Mary

InfoSec News Nuggets 04/12/2021

1 - Hackers Hacked as Underground Carding Site is Breached Thousands of cyber-criminals have had their personal data leaked online after a popular carding forum was hacked, according to Group-IB. The Singapore-based security firm said it discovered that data belonging to users of the Swarmshop site was leaked to another underground forum on March 17. “The database was posted on a different underground forum and contained 12,344 records of the card shop admins, sellers and…
Read More
15 Mar 2021
By Mary

InfoSec News Nuggets 03/15/2021

Former Facebook insiders explain why the company is making such a big fuss over Apple’s upcoming privacy change For the past few weeks, Facebook has been running an ad campaign in defense of personalized advertisements, arguing that targeted ads are key to the success of small businesses. The catalyst for the campaign has been an ongoing battle between the social media company and Apple. The battle focuses on a unique device identifier on every iPhone and iPad called the IDFA.…
Read More
02 Mar 2021
By Mary

InfoSec News Nuggets 03/02/2021

The Rise of Vendor-Owned News Sites Underscores the Appetite for Cybersecurity Information One of the most prolific cybersecurity journalists, Catalin Cimpanu of ZDNet, left the popular CBS-owned tech publication on Friday. Today he joins The Record, a publication backed by the cybersecurity firm Recorded Future. (Catalin’s jump to Recorded Future is occurring the day after the firm issued a report on its startling discovery that a Chinese state-sponsored hacking group dubbed Red Echo introduced malware into Indian power…
Read More
29 Jan 2021
By Mary

InfoSec News Nuggets 01/29/2021

Arrest, Seizures Tied to Netwalker Ransomware U.S. and Bulgarian authorities this week seized the darkweb site used by the NetWalker ransomware cybercrime group to publish data stolen from its victims. In connection with the seizure, a Canadian national suspected of extorting more than $27 million through the spreading of NetWalker was charged in a Florida court. NetWalker is a ransomware-as-a-service crimeware product in which affiliates rent access to the continuously updated malware code in exchange for a…
Read More
16 Nov 2020
By Mary

InfoSec News Nuggets 11/16/2020

Microsoft says it’s time for you to stop using SMS and voice calls for multi-factor authentication Multi-factor authentication makes it much harder for hackers to break their way into your online accounts, even if they already know your password. An online account protected by MFA will prompt you to enter a separate one-time code – often constructed out of six random digits that expire after a short period of time – after you have entered…
Read More
21 Oct 2020
By Mary

InfoSec News Nuggets 10/21/2020

Seven mobile browsers vulnerable to address bar spoofing attacks An "address bar spoofing" vulnerability refers to a bug in a web browser that allows a malicious website to modify its real URL and show a fake one instead — usually one for a legitimate site. Address bar spoofing vulnerabilities have been around since the early days of the web, but they have never been so dangerous as they are today. While on desktop browsers there…
Read More
06 Oct 2020
By Mary

InfoSec News Nuggets 10/06/2020

SunCrypt ransomware group swears off medical entities, sets sights on cybersecurity firms When the SunCrypt ransomware group opened a leak site where they listed victims who had not paid their ransom demands, they attracted public attention and demonstrated their ability to use the media to their advantage. In following up on their previously disclosed victims and leaks, DataBreaches.net noticed that a medical entity who had been listed on SunCrypt’s site no longer appeared on it.…
Read More
28 Sep 2020
By Mary

InfoSec News Nuggets 09/28/2020

Google adds a COVID-19 layer to Google Maps Google continues to work on improving Google Maps and on Wednesday a "COVID-19 layer" started rolling out. With this layer, users can see areas where the virus is spreading and it is coded by color based on the number of people with the coronavirus in each region. The layer produces these color codes based on the seven-day average for the number of new COVID-19 cases per 100,000…
Read More
23 Sep 2020
By Mary

InfoSec News Nuggets 09/23/2020

FBI hopes a more aggressive cyber strategy will disrupt foreign hackers Last week saw a flurry of U.S. indictments of alleged Chinese and Iranian hackers as part of a multi-agency crackdown on foreign intelligence services. The Department of Treasury issued sanctions, the Department of Homeland Security advised companies on how to fend off hackers and U.S. intelligence agencies likely kept a close eye on possible reactions from Beijing and Tehran. At the center of the coordinated crackdowns, though, were…
Read More
02 Sep 2020
By Mary

InfoSec News Nuggets 09/02/2020

Former engineer pleads guilty to Cisco network damage, causing Webex Teams account chaos A former Cisco engineer has admitted to illegally accessing Cisco's network and wiping 456 virtual machines as well as causing disruption to over 16,000 Webex Teams accounts. Sudhish Kasaba Ramesh has taken a plea agreement in a federal court in San Jose after being accused of intentionally accessing a protected computer without authorization and recklessly causing damage, according to the US Department of Justice…
Read More
25 Aug 2020
By Mary

InfoSec News Nuggets 08/25/2020

Here's how to turn your old phone into a home security camera for free If you have some old phones collecting dust in a drawer somewhere, don't sell them for a fraction of what you bought them for. If they still turn on, you can put them to good use in your home. You could turn one into a baby monitor or a makeshift Google Home speaker, for example. Those are good ideas and you can find more in the link…
Read More
31 Jul 2020
By Mary

InfoSec News Nuggets 7/31/2020

US provides new expanded set of espionage charges against former Twitter employees The two former Twitter employees, Ahmad Abouammo and Ali Alzabarah, and the third person named Ahmed Almutairi were originally charged with fraudulently accessing private information and acting as illegal agents of a foreign government for allegedly spying on Twitter users critical of the Saudi royal family. This time around, the individuals have been charged with seven offences instead of two. The charges include acting as…
Read More
28 Jul 2020
By Mary

InfoSec News Nuggets 7/28/2020

A vigilante is sabotaging the Emotet botnet by replacing malware payloads with GIFs An unknown vigilante hacker has been sabotaging the operations of the recently-revived Emotet botnet by replacing Emotet payloads with animated GIFs, effectively preventing victims from getting infected. The sabotage, which started three days ago, on July 21, has grown from a simple joke to a serious issue impacting a large portion of the Emotet operation. According to Cryptolaemus, a group of white-hat security researchers tracking…
Read More
23 Jul 2020
By Mary

InfoSec News Nuggets 7/23/2020

TikTok might be sold to US investors to ward off security concerns Chinese short video platform TikTok is currently facing close scrutiny and risks being booted out of the US — which is home to some of its most popular content creators — but the app may find a lifeline there. The Information reports that a number of US-based investors who already have a stake in TikTok‘s parent company, ByteDance, are considering purchasing the subsidiary company to…
Read More
15 Jul 2020
By Mary

InfoSec News Nuggets 7/15/2020

MIT creates a soft-fingered robotic gripper than could eventually tie knots and sew stitches MIT’s Computer Science and Artificial Intelligence Lab (CSAIL) has shared the results of a new project in which it built a two-fingered robotic gripper, which has soft pads for dedicated and fine manipulation of objects like cables, sheets and more. The robot’s design is based on how humans use their fingers to do things like untangle wires and tie knots. To…
Read More
02 Jul 2020
By Mary

InfoSec News Nuggets 7/2/2020

Creepto Cash: personal data of thousands of users from the UK, Australia, South Africa, the US, Singapore exposed in bitcoin scam Group-IB, a global threat hunting and intelligence company headquartered in Singapore, has discovered thousands of personal records of users from the UK, Australia, South Africa, the US, Singapore, Spain, Malaysia and other countries exposed in a targeted multi-stage bitcoin scam. Victim’s phone numbers, which in most cases came with names and emails, were contained in personalized URLs used to redirect people to websites posing…
Read More
25 Jun 2020
By Mary

InfoSec News Nuggets 6/25/2020

Warning: ‘Invisible God’ Hacker Sold Access To More Than 135 Companies In Just Three Years Major antivirus companies, banks, insurance providers, government agencies, large hotels, wineries, restaurants, airlines. Think of almost any kind of company and there’s a good chance a prolific, financially-motivated hacker known as Fxmsp has broken into it, or attempted to, according to a report released Tuesday. Dubbed the “invisible god of networks,” he’s a suspected male from Kazakhstan who claimed to have broken…
Read More
23 Jun 2020
By Mary

InfoSec News Nuggets 6/23/2020

Activists publish 269GB of hacked US police force data Dubbed BlueLeaks, the group known as Distributed Denial of Secrets (DDoSecrets) has published 269GB of material providing insights into law enforcement and a wide array of US government activities. The public can also access the information in its entirety. These files include hundreds of thousands of images, as well as documents, tables, text files, videos and emails, with the complete dataset available to download by anybody…
Read More
19 Jun 2020
By Mary

InfoSec News Nuggets 6/19/2020

Amazon owes answers on facial recognition moratorium, lawmaker says Amazon's move to stop providing facial recognition to law enforcement until June 2021 has left more questions than answers. The company's announcement, limited to 102 words in a blog post, left out a lot of details on what the moratorium actually means, and a House representative is demanding answers from Amazon founder Jeff Bezos. In a letter sent to Bezos and Amazon on Wednesday, Rep. Jimmy Gomez, is asking the…
Read More
05 Jun 2020
By Mary

InfoSec News Nuggets 6/5/2020

Denial of service attacks against advocacy groups skyrocket In figures published Tuesday, the internet security firm Cloudflare said it blocked more than 135 billion malicious web requests against advocacy sites, compared to less than 30 million blocked requests against U.S. government websites, such as police and military organizations. The company did not disclose which websites were affected, specifically. “As we’ve often seen in the past, real world protest and violence is usually accompanied by attacks on the…
Read More
03 Jun 2020
By Mary

InfoSec News Nuggets 6/3/2020

Trump's social media executive order faces lawsuit The nonprofit Center for Democracy and Technology is taking aim at US President Donald Trump's social media executive order. The CDT filed a lawsuit against the president on Tuesday, alleging that the order violates the First Amendment and the right to free speech. "The order is plainly retaliatory: it attacks a private company, Twitter, for exercising its First Amendment right to comment on the President's statements," the lawsuit says. "More fundamentally, the…
Read More
01 Jun 2020
By Mary

InfoSec News Nuggets 6/1/2020

Meet the Victims of Online Scams Imagine a lonely person who’s looking for romantic companionship, so they turn to the internet. Picture someone who’s terribly anxious for news about an online payment that will ease their paycheck-to-paycheck existence. Or perhaps you’ve known an individual with such limited technical skills and financial resources, they’re always browsing for the cheapest IT provider possible. The victims of online scams each possess unique characteristics. And in the eyes of bad…
Read More
29 May 2020
By Mary

InfoSec News Nuggets 5/29/2020

How to Unlock Hidden Browser Games in Edge, Firefox and Chrome Your web browser is full of secrets. I typically spend my time poring over new features I can unlock via pages like chrome://flags and about:config, but it’s also nice to take a little break and play the hidden games that come packed into the most popular browsers. Yes, your desktop browser is filled with hidden games. Don’t crack your knuckles and expect to hunker down for a Civilization VI-like session—they’re not that great.…
Read More
21 May 2020
By Mary

InfoSec News Nuggets 5/21/2020

REvil Ransomware found buyer for Trump data, now targeting Madonna The REvil ransomware group claims to have buyers ready for documents containing damaging information about US‌ President Donald Trump and is preparing to auction data on international celebrity Madonna. The hackers breached the network of Grubman Shire Meiselas & Sacks (GSMLaw), a law firm representing a huge number of A-list celebrities, stealing everything they considered of value before encrypting the data. After unfruitful negotiations with…
Read More
12 May 2020
By Mary

InfoSec News Nuggets 5/12/2020

Google expects its staff to work from home until 2021 and it's not alone According to a Bloomberg report, Sundar Pichai, Google's CEO, told Google employees on Thursday to be ready to work remotely through October and possibly to the end of the year. Actually, a Google spokeswoman said most Google workers are expected to work from home until 2021. So, life's going back to normal? Not at this tech giant.  It's not just Google. Facebook has also told…
Read More
24 Apr 2020
By Mary

InfoSec News Nuggets 4/24/2020

Zoom will soon let you report meeting participants to help bust Zoombombers Zoom is adding a way for hosts to report meeting participants, according to the app’s release notes published on April 19th (via PC Mag). In theory, that could help the company track down trolls that take over Zoom calls and share inappropriate material, a practice more colloquially known as “Zoombombing.” Zoom says the reporting feature will be available in an update that’s scheduled to release on Sunday, April…
Read More
16 Apr 2020
By Mary

InfoSec News Nuggets 4/16/2020

MIT’s AI-powered device lets doctors monitor coronavirus patients remotely A new device that uses AI to monitor coronavirus symptoms is helping doctors treat patients beyond the reach of infection. The box-like device emits wireless signals that bounce off human bodies before returning to the system. Algorithms then analyze changes in the signals to infer the person’s breathing rate, sleep patterns, and movements. The system, named Emerald, was developed at MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL).…
Read More
14 Apr 2020
By Mary

InfoSec News Nuggets 4/14/2020

Apps collecting data to help stop the virus spread must limit sharing of information, cybersecurity expert says Apple and Google’s joint initiative to build a platform that helps contain the spread of the coronavirus looks promising, but steps have to be taken to prevent it from invading the privacy of users for the long term, an academic with expertise on science and tech policy told CNBC. The tech giants announced Friday they were working together to provide tools that help…
Read More
09 Apr 2020
By Mary

InfoSec News Nuggets 4/9/2020

The US is formalizing Team Telecom rules to restrict foreign ownership of internet and telecom assets It has the simplest name, but the sort of shadowy overtones that national security writers lust after. Team Telecom, a mostly informal working committee of the Departments of Defense, Homeland Security and Justice (along with affiliated agencies) has for years been quietly tasked with evaluating and maintaining the security of America telecom infrastructure in concert with the FCC. Its…
Read More
03 Apr 2020
By Mary

InfoSec News Nuggets 4/3/2020

Cybercriminals targeting Zoom, Google and Teams domains Popular video conferencing applications such as Zoom, Teams and Google are seeing their names used by malicious actors to create newly registered fake domains with Zoom seemingly being singled out at this time. Since January 1 the security firm has seen about 1,700 new domains registered using the word “zoom” in some fashion with 25 percent of these new registrations happing in the last seven days. Cyber gangs…
Read More