20 Mar 2023
By Mary

InfoSec News Nuggets 03/20/2023

John Deere urged to surrender source code under GPL The Software Freedom Conservancy (SFC) has called upon farm equipment maker John Deere to comply with its obligations under the General Public License (GPL), which requires users of such software to share source code. In a blog post published on Thursday, SFC director of compliance Denver Gingerich argues that farmers' ability to repair their tools is now in jeopardy because the makers of those tools have used GPL-covered…
Read More
16 Aug 2022
By Mary

InfoSec News Nuggets 08/16/2022

Hacker offers to sell data of 48.5 million users of Shanghai's COVID app A hacker has claimed to have obtained the personal information of 48.5 million users of a COVID health code mobile app run by the city of Shanghai, the second claim of a breach of the Chinese financial hub's data in just over a month. The hacker with the username as "XJP" posted an offer to sell the data for $4,000 on the…
Read More
05 Jan 2022
By Mary

InfoSec News Nuggets 1/5/2022

Malicious Telegram Installer Drops Purple Fox Rootkit We have often observed threat actors using legitimate software for dropping malicious files. This time however is different. This threat actor was able to leave most parts of the attack under the radar by separating the attack into several small files, most of which had very low detection rates by AV engines, with the final stage leading to Purple Fox rootkit infection. Thanks to the MalwareHunterTeam, we were able to…
Read More
01 Sep 2021
By Mary

InfoSec News Nuggets 09/01/2021

Hackers, tractors, and a few delayed actors. How hacker Sick Codes learned too much about John Deere No one ever wants a group of hackers to say about their company: “We had the keys to the kingdom.” But that’s exactly what the hacker Sick Codes said on this week’s episode of Lock and Code, in speaking with host David Ruiz, when talking about his and fellow hackers’ efforts to peer into John Deere’s data operations…
Read More