InfoSec News Nuggets 5/9/2025

Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT Cisco has released software fixes to address a maximum-severity security flaw in its IOS XE Wireless Controller that could enable an unauthenticated, remote attacker to upload arbitrary files to a susceptible system. The vulnerability, tracked as CVE-2025-20188, has been rated 10.0 on the CVSS scoring system. "This vulnerability is due to the presence of a hard-coded JSON Web Token (JWT) on an…

InfoSec News Nuggets 3/12/2025

MS-ISAC loses federal support The Multi-State Information Sharing and Analysis Center, which has supported the cybersecurity operations of state and local governments since its creation in 2004, has lost its federal funding and cooperative agreement, a Cybersecurity and Infrastructure Security Agency spokesperson confirmed with StateScoop on Tuesday. The news, first reported by freelance reporter Eric Geller, follows the Department of Homeland Security last month severing support for the Elections Infrastructure ISAC. A representative from the Center for…

InfoSec News Nuggets 3/6/2025

CISA refutes claims it has been ordered to stop monitoring Russian cyber threats It's been a confusing few days in the world of American cybersecurity. At the end of last week, it was reported that US Cyber Command had been ordered by Defense Secretary Pete Hegseth to pause its offensive operations against Russia. The news was swiftly followed by reports that staff at the US Cybersecurity and Infrastructure Security Agency (CISA) had been given similar…

InfoSec News Nuggets 2/19/2025

Chinese hackers abuse Microsoft APP-v tool to evade antivirus The Chinese APT hacking group "Mustang Panda" has been spotted abusing the Microsoft Application Virtualization Injector utility as a LOLBIN to inject malicious payloads into legitimate processes to evade detection by antivirus software. This technique was discovered by threat researchers at Trend Micro, who track the threat group as Earth Preta, reporting that they have verified over 200 victims since 2022. Mustang Panda's targeting scope, based on Trend…

InfoSec News Nuggets 10/23/2024

Europe launches ‘gait recognition’ pilot program to monitor border crossings A European Commission-funded biometric “gait recognition” program to study how to more easily identify people crossing the European Union’s external borders by examining their unique walking styles kicked off Thursday. The initiative, dubbed the PopEye Project, is supported by a €3.2 million ($3.5 million) grant that covers a three-year pilot testing the technology, according to TechTransfer, a program at the Vrije Universiteit Brussels and a partner on…

InfoSec News Nuggets 9/18/2024

Concealed networks: Are dark web syndicates turning to social media for cybercrime? If you envision the dark web as a shadowy realm where cybercriminals orchestrate nefarious activities under the cover of anonymity, you’re not far from the truth. However, the dark web isn’t just as unreachable as you’d think—you likely interact with it more often than you realize. Given this reality, both businesses and individuals must ask: What are the chances that your sensitive, confidential…

InfoSec News Nuggets 6/11/2024

New York Times source code stolen using exposed GitHub token Internal source code and data belonging to The New York Times was leaked on the 4chan message board after being stolen from the company's GitHub repositories in January 2024, The Times confirmed to BleepingComputer. As first seen by VX-Underground, the internal data was leaked on Thursday by an anonymous user who posted a torrent to a 273GB archive containing the stolen data. "Basically all source code belonging…

InfoSec News Nuggets 6/10/2024

Nearly 400,000 affected by data breach at eye care management services company Nearly 400,000 people had sensitive healthcare information stolen by hackers during a 2023 cyberattack on a company that supports eye clinics. Colorado-based Panorama Eyecare told regulators in Maine and Massachusetts that 377,911 current and former patients and employees had data stolen — including names, Social Security numbers, dates of birth, license numbers, financial account information, dates of service and medical provider names.    Microsoft Will Switch Off Recall by Default…

InfoSec News Nuggets 4/8/2024

Magecart-style hackers charged by Russia in theft of 160,000 credit cards  Russia has taken the rare step of publicly charging six people suspected of stealing the details of 160,000 credit cards as well as payment information from foreign online stores. According to the statement published by Russia's Prosecutor General's Office earlier this week, the suspects used malware to bypass the websites' security measures and gain access to their databases. Then, using malicious code, they copied the necessary account…

InfoSec News Nuggets 3/7/2024

Hackers target Docker, Hadoop, Redis, Confluence with new Golang malware Hackers are targeting misconfigured servers running Apache Hadoop YARN, Docker, Confluence, or Redis with new Golang-based malware that automates the discovery and compromise of the hosts. The malicious tools used in the campaign take advantage of the configuration weaknesses and exploit an old vulnerability in Atlassian Confluence to execute code on the machine. Researchers at cloud forensics and incident response company Cado Security discovered the…

InfoSec News Nuggets 2/8/2024

Google Contributes $1 Million to Rust, Says It Prevented Hundreds of Android Vulnerabilities Google today announced a grant of $1 million to the Rust Foundation, meant to help improve the interoperability between Rust and C++ code. The internet giant joined the Rust Foundation in 2021, for the same reason, and has adopted the memory-safe programming language across Android and other Google products, due to its benefits for addressing memory safety vulnerabilities. “Based on historical vulnerability density statistics, Rust…

InfoSec News Nuggets 12/18/2023

3CX warns customers to disable SQL database integrations  VoIP communications company 3CX warned customers today to disable SQL Database integrations because of risks posed by what it describes as a potential vulnerability. Although the security advisory released today lacks any specific information regarding the issue, it advises customers to take preventive measures by disabling their MongoDB, MsSQL, MySQL, and PostgreSQL database integrations. "If you're using an SQL Database integration it's subject potentially to a vulnerability - depending upon…

InfoSec News Nuggets 12/11/2023

Google admits AI viral video was edited to look better A video showcasing the capabilities of Google's artificial intelligence (AI) model which seemed too good to be true might just be that. The Gemini demo, which has 1.6m views on YouTube, shows a remarkable back-and-forth where an AI responds in real time to spoken-word prompts and video. In the video's description, Google said all was not as it seemed - it had sped up responses…

InfoSec News Nuggets 10/27/2023

UK government accused of ‘vandalism’ over abolishing biometrics safeguards  The British government’s plans to remove safeguards around biometrics and public space surveillance were described on Thursday as “shocking” and “tantamount to vandalism” by an outgoing commissioner. Fraser Sampson, the biometrics and surveillance camera commissioner, said: “The loss of regulation and oversight in this key area comes just as the evolution of AI-driven biometric surveillance makes it more important than ever.” It comes as Prime Minister Rishi Sunak…

InfoSec News Nuggets 09/28/2023

Valve fails to get out of paying its EU geo-blocking fine Valve has failed to convince a court that it didn't infringe EU law by geo-blocking activation keys, according to a new ruling. The company argued that, based on copyright law, publishers had the right to charge different prices for games in different countries. However, the EU General Court confirmed that its geo-blocking actions "infringed EU competition law" and that copyright law didn't apply.   Google…

InfoSec News Nuggets 09/18/2023

TikTok hit with €345 million fine over privacy settings for children TikTok has been hit with a €345 million EU fine over the way it processes the personal data of children and teenage users, the first handed out by the bloc to the Chinese-owned social media platform. Ireland’s Data Protection Commission, the regulator responsible for holding TikTok Technology to EU data protection law, announced the fine on Friday after an investigation that began in September…

InfoSec News Nuggets 09/15/2023

Auckland transport authority hit by suspected ransomware attack  The Auckland Transport (AT) transportation authority in New Zealand is dealing with a widespread outage caused by a cyber incident, impacting a wide range of customer services. AT is the government-owned regional transportation authority in the Auckland region, responsible for public transport through ferries, busses, and trains and for designing and building roads and other infrastructure. The company has announced today that it's experiencing issues with its HOP services (integrated ticketing…

InfoSec News Nuggets 06/23/2023

Critical Flaw Found in WordPress Plugin for WooCommerce Used by 30,000 Websites  A critical security flaw has been disclosed in the WordPress "Abandoned Cart Lite for WooCommerce" plugin that's installed on more than 30,000 websites. "This vulnerability makes it possible for an attacker to gain access to the accounts of users who have abandoned their carts, who are typically customers but can extend to other high-level users when the right conditions are met," Defiant's Wordfence said in an advisory. Tracked as CVE-2023-2986, the…

InfoSec News Nuggets 05/17/2023

ChatGPT's chief to testify before Congress as concerns grow about artificial intelligence risks  The head of the artificial intelligence company that makes ChatGPT will testify before Congress as lawmakers call for new rules to guide the rapid development of AI technology. OpenAI CEO Sam Altman is scheduled to speak at a Senate hearing Tuesday. His San Francisco-based startup rocketed to public attention after its release late last year of ChatGPT, a free chatbot tool that answers questions with convincingly…

InfoSec News Nuggets 04/06/2023

Hackers posed as reporters in attacks on North Korea experts, Google says  Government-backed hackers allegedly connected to the North Korean military targeted people with expertise in North Korea policy issues by posing as journalists, according to a new report. Researchers from Google’s Threat Analysis Group (TAG) released the report Wednesday as a follow-up to one published last week by cybersecurity firm Mandiant — which is owned by Google. Mandiant’s report highlighted the work of APT43, a group of…

InfoSec News Nuggets 02/14/2023

Don't Get Scammed This Valentine's Day  Valentine's Day can be a tough time to be single, but be careful who you connect with. That beautiful blond woman or superhot guy messaging you may be after more than just your love and affection. Experts warn that this is peak season for online romance scams, which accounted for a staggering $1.3 billion in losses last year, according to the Federal Trade Commission. The pandemic and our increasingly digital lives mean…

InfoSec News Nuggets 11/15/2022

Australia to 'stand up and punch back' against cyber crims Australia's government has declared the nation is planning to go on the offensive against international cyber crooks following recent high-profile attacks on local health insurer Medibank and telco Optus. The aggressive posture was expressed in the announcement of a "Joint standing operation" that will see the Australian Federal Police and the Australian Signals Directorate (Australia's GCHQ/NSA analog) run a team with a mission "to investigate,…

InfoSec News Nuggets 10/18/2022

International crackdown on West-African financial crime rings  Behind the headlines that emerged earlier this month on the arrest of two suspected online scammers in South Africa lies a global police operation coordinated by INTERPOL. Codenamed Operation Jackal, the joint law enforcement effort mobilized 14 countries across four continents in a targeted strike against Black Axe and related West-African organized crime groups. Operation Jackal marks the first time INTERPOL has coordinated a global operation specifically against Black Axe, which is…

InfoSec News Nuggets 10/05/2022

In 2023, Google can notify you if personal info pops up in search Starting “early next year,” Google will be able to notify you if your personal info, such as your phone number, email, or home address, shows up in search results as part of its “results about you” tool. The announcement comes as Google has officially started rolling out the tool, which lets people easily create takedown requests for results with their personal info.…

InfoSec News Nuggets 08/31/2022

Singapore clocks higher ransomware attacks, warns of IoT risks Ransomware and phishing attacks continue to climb in Singapore, hitting small and midsize businesses (SMBs) and social media platforms. Cybercriminals also are expected to turn their attention to Internet of Things (IoT) devices and crypto-based transactions, leveraging the lack of security safeguards on these platforms.  Some 55,000 local-hosted phishing URLs were identified last year, up 17% from 2020, with social media companies accounting for more than…

InfoSec News Nuggets 08/22/2022

Google blocks largest HTTPS DDoS attack 'reported to date' A Google Cloud Armor customer was hit with a distributed denial-of-service (DDoS) attack over the HTTPS protocol that reached 46 million requests per second (RPS), making it the largest ever recorded of its kind. In just two minutes, the attack escalated from 100,000 RPS to a record-breaking 46 million RPS, almost 80% more than the previous record, an HTTPS DDoS of 26 million RPS that Cloudflare mitigated in…

InfoSec News Nuggets 08/12/2022

It Might Be Our Data, But It’s Not Our Breach A cybersecurity firm says it has intercepted a large, unique stolen data set containing the names, addresses, email addresses, phone numbers, Social Security Numbers and dates of birth on nearly 23 million Americans. The firm’s analysis of the data suggests it corresponds to current and former customers of AT&T. The telecommunications giant stopped short of saying the data wasn’t theirs, but it maintains the records do…

InfoSec News Nuggets 07/01/2022

Google: Half of 2022's Zero-Days Are Variants of Previous Vulnerabilities Google Project Zero has observed a total of 18 exploited zero-day vulnerabilities in the first half of 2022, at least half of which exist because previous bugs were not properly addressed. According to Google Project Zero researcher Maddie Stone, nine of the in-the-wild zero-days seen so far this year could have been prevented had organizations applied more comprehensive patching. “On top of that, four of the 2022…

InfoSec News Nuggets 06/24/2022

Multiple Backdoored Python Libraries Caught Stealing AWS Secrets and Keys Researchers have discovered a number of malicious Python packages in the official third-party software repository that are engineered to exfiltrate AWS credentials and environment variables to a publicly exposed endpoint. The list of packages includes loglib-modules, pyg-modules, pygrata, pygrata-utils, and hkg-sol-utils, according to Sonatype security researcher Ax Sharma. The packages as well as the endpoint have now been taken down. "Some of these packages…

InfoSec News Nuggets 06/14/2022

Roblox Game Pass store used to sell ransomware decryptor A new ransomware is taking the unusual approach of selling its decryptor on the Roblox gaming platform using the service's in-game Robux currency. Roblox is an online kids gaming platform where members can create their own games and monetize them by selling Game Passes, which provide in-game items, special access, or enhanced features. To pay for these Game Passes, members must purchase them using an in-game…

InfoSec News Nuggets 03/11/2022

1 - Ukrainian IT Army Hijacked by Info-stealing Malware Security researchers are urging pro-Ukrainian actors to be wary of downloading DDoS tools to attack Russia, as they may be booby-trapped with info-stealing malware. In late February, Ukrainian vice prime minister, Mykhailo Fedorov, called for a volunteer “IT army” of hackers to DDoS Russian targets. However, Cisco Talos claimed that opportunistic cyber-criminals are looking to exploit the subsequent widespread outpouring of support for the Eastern European nation. Specifically,…

InfoSec News Nuggets 01/27/2022

Threats Are (Still) on the Rise: 2022 Ponemon Report Insider threats are a major risk for organizations of all sizes—and it’s expensive to ignore them. Insider threat incidents are costing businesses upwards of $15 million annually, on average. And it’s not just careless insiders who are to blame for insider threats; more organizations are reporting that credential theft is a growing concern in 2022. To compound matters, it now takes 85 days to contain an insider threat,…

InfoSec News Nuggets 12/31/2021

Supply chains, ransomware, zero trust and other security predictions for 2022 As 2021 draws to a close, no one in their right mind thinks that cybersecurity risk is just someone else’s problem anymore; major cybersecurity incidents like the SolarWinds breach and the Colonial Pipeline ransomware attack have raised cybersecurity awareness among public opinions and decision-makers.  The White House issued an Executive Order on cybersecurity in May to send a clear message about the administration’s priorities: create a nationwide commitment to enforcing…

InfoSec News Nuggets 12/28/2021

Amazon Alexa slammed for giving lethal challenge to 10-year-old girl An Amazon Echo owner was left shocked after Alexa proposed a dangerous challenge to her ten-year-old daughter. AI-powered virtual assistants like Alexa that power smart devices and speakers such as Echo, Echo Dot, and Amazon Tap, come with a plethora of capabilities. These include enabling the users to play simple verbal games or request "challenges" on demand. When sitting idle, such as during the holidays, it wouldn't be unusual for an Amazon…

InfoSec News Nuggets 12/20/2021

Facebook bans 7 'surveillance-for-hire' companies that spied on 50,000 users The parent company of Facebook and Instagram has banned seven firms it says used its platforms to spy on some 50,000 unsuspecting targets, including human rights activists, government critics, celebrities, journalists and ordinary people in more than 100 countries. These "surveillance-for-hire" companies were linked to around 1,500 accounts on Facebook and Instagram that were used to collect information on people and try to trick them…

InfoSec News Nuggets 12/09/2021

Google disrupts massive Glupteba botnet, sues Russian operators Google announced today that it has taken action to disrupt the Glupteba botnet that now controls more than 1 million Windows PCs around the world, growing by thousands of new infected devices each day. Glupteba is a blockchain-enabled and modular malware that has been targeting Windows devices worldwide since at least 2011, including the US, India, Brazil, and countries from Southeast Asia. Threat actors behind this malware strain…

InfoSec News Nuggets 10/07/2021

New TSA regulations to address cyberattack threat to rail systems The Transportation Security Administration will soon issue new regulations designed to make transit agencies and airlines better prepared for cyberattacks. Homeland Security Secretary Alejandro Mayorkas says that, under the new directive, railroads and rail-related entities deemed "higher-risk" will be required to appoint a point person in charge of cybersecurity, report cyber incidents to DHS' Cybersecurity and Infrastructure Security Agency and create a contingency plan for…

InfoSec News Nuggets 09/20/2021

Apple and Google Pull Opposition App From Russian Stores Following Kremlin Pressure On Friday morning, Bloomberg reported that Google and Apple have removed longtime opposition leader Alexei Navalny’s voter guide app from the App Store and Google Play store in Russia. Activists have charged the companies with bowing to Kremlin pressure. The Russian parliamentary elections began today and last through Sunday. On Thursday, Russian state media outlet Tass reported that Vasily Piskarev, head of the Committee on Safety and…

InfoSec News Nuggets 05/25/2021

1 - Audio maker Bose discloses data breach after ransomware attack Bose Corporation (Bose) has disclosed a data breach following a ransomware attack that hit the company's systems in early March. In a breach notification letter filed with New Hampshire's Office of the Attorney General, Bose said that it "experienced a sophisticated cyber-incident that resulted in the deployment of malware/ransomware across" its "environment." "Bose first detected the malware/ransomware on Bose's U.S. systems on March 7,…

InfoSec News Nuggets 05/19/2021

1 - iPhone calendar spam attacks on the rise Recently, we have seen an increasing number of reports from iPhone users about their calendars filling up with junk events. These events are most often either pornographic in nature, or claim that the device has been infected or hacked, and in all cases they contain malicious links. This phenomenon is known as “calendar spam.” Calendar spam became a big problem for Apple’s iCloud calendars back in 2016. At…

InfoSec News Nuggets 04/16/2021

1 - Capcom: Ransomware gang used old VPN device to breach the network Capcom has released a final update about the ransomware attack it suffered last year, detailing how the hackers gained access to the network, compromised devices, and stole personal information belonging to thousands of individuals. In early November 2020, Ragnar Locker ransomware hit the Japanese game developer and publisher, forcing Capcom to shut down portions of their network. In typical fashion for human-operated…

InfoSec News Nuggets 04/12/2021

1 - Hackers Hacked as Underground Carding Site is Breached Thousands of cyber-criminals have had their personal data leaked online after a popular carding forum was hacked, according to Group-IB. The Singapore-based security firm said it discovered that data belonging to users of the Swarmshop site was leaked to another underground forum on March 17. “The database was posted on a different underground forum and contained 12,344 records of the card shop admins, sellers and…

InfoSec News Nuggets 03/15/2021

Former Facebook insiders explain why the company is making such a big fuss over Apple’s upcoming privacy change For the past few weeks, Facebook has been running an ad campaign in defense of personalized advertisements, arguing that targeted ads are key to the success of small businesses. The catalyst for the campaign has been an ongoing battle between the social media company and Apple. The battle focuses on a unique device identifier on every iPhone and iPad called the IDFA.…

InfoSec News Nuggets 03/02/2021

The Rise of Vendor-Owned News Sites Underscores the Appetite for Cybersecurity Information One of the most prolific cybersecurity journalists, Catalin Cimpanu of ZDNet, left the popular CBS-owned tech publication on Friday. Today he joins The Record, a publication backed by the cybersecurity firm Recorded Future. (Catalin’s jump to Recorded Future is occurring the day after the firm issued a report on its startling discovery that a Chinese state-sponsored hacking group dubbed Red Echo introduced malware into Indian power…

InfoSec News Nuggets 01/29/2021

Arrest, Seizures Tied to Netwalker Ransomware U.S. and Bulgarian authorities this week seized the darkweb site used by the NetWalker ransomware cybercrime group to publish data stolen from its victims. In connection with the seizure, a Canadian national suspected of extorting more than $27 million through the spreading of NetWalker was charged in a Florida court. NetWalker is a ransomware-as-a-service crimeware product in which affiliates rent access to the continuously updated malware code in exchange for a…

InfoSec News Nuggets 11/16/2020

Microsoft says it’s time for you to stop using SMS and voice calls for multi-factor authentication Multi-factor authentication makes it much harder for hackers to break their way into your online accounts, even if they already know your password. An online account protected by MFA will prompt you to enter a separate one-time code – often constructed out of six random digits that expire after a short period of time – after you have entered…

InfoSec News Nuggets 10/21/2020

Seven mobile browsers vulnerable to address bar spoofing attacks An "address bar spoofing" vulnerability refers to a bug in a web browser that allows a malicious website to modify its real URL and show a fake one instead — usually one for a legitimate site. Address bar spoofing vulnerabilities have been around since the early days of the web, but they have never been so dangerous as they are today. While on desktop browsers there…

InfoSec News Nuggets 10/06/2020

SunCrypt ransomware group swears off medical entities, sets sights on cybersecurity firms When the SunCrypt ransomware group opened a leak site where they listed victims who had not paid their ransom demands, they attracted public attention and demonstrated their ability to use the media to their advantage. In following up on their previously disclosed victims and leaks, DataBreaches.net noticed that a medical entity who had been listed on SunCrypt’s site no longer appeared on it.…

InfoSec News Nuggets 09/28/2020

Google adds a COVID-19 layer to Google Maps Google continues to work on improving Google Maps and on Wednesday a "COVID-19 layer" started rolling out. With this layer, users can see areas where the virus is spreading and it is coded by color based on the number of people with the coronavirus in each region. The layer produces these color codes based on the seven-day average for the number of new COVID-19 cases per 100,000…

InfoSec News Nuggets 09/23/2020

FBI hopes a more aggressive cyber strategy will disrupt foreign hackers Last week saw a flurry of U.S. indictments of alleged Chinese and Iranian hackers as part of a multi-agency crackdown on foreign intelligence services. The Department of Treasury issued sanctions, the Department of Homeland Security advised companies on how to fend off hackers and U.S. intelligence agencies likely kept a close eye on possible reactions from Beijing and Tehran. At the center of the coordinated crackdowns, though, were…