InfoSec News Nuggets 01/26/2022

EU to fund bug bounty programs for LibreOffice, Mastodon, three others The European Union will fund a bug bounty program for five open source projects that are heavily used by public services across the EU. The five programs include LibreOffice, a document editing app and a free alternative to Microsoft Office; Mastodon, a web-based utility for hosting your private social network; Odoo, an enterprise resource planning (ERP) application; CryptPad, an app exchanging encrypted messages; and LEOS, a software designed to…

InfoSec News Nuggets 01/25/2022

Russian Authorities Arrest Head of International Cybercrime Group Four individuals believed to be members of the international cyber theft ring known as the “Infraud Organization” were arrested in Russia, news agency TASS reports. Allegedly created in 2010 by Svyatoslav Bondarenko, of Ukraine, the cybercrime group was involved in the theft, sale, and dissemination of personally identifiable information (PII), credit card data, and malware, among others. In 2018, the United States Department of Justice (DoJ) announced charges…

InfoSec News Nuggets 01/24/2022

FSB detains administrator of UniCC carding forum The Russian Federal Security Service (FSB) has arrested the administrator of the UniCC carding forum and one of the members of the Infraud cybercrime cartel. The suspect was identified as Andrey Sergeevich Novak and was detained for two months on charges of computer crimes and money laundering. Three other suspects, identified as Kirill Samokutyaev, Konstantin Vladimirovich Bergman, and Mark Avramovich Bergman, were also detained and subsequently placed under…

InfoSec News Nuggets 01/21/2022

FireEye & McAfee Enterprise Renamed as Trellix The company created from the merger of security firms McAfee Enterprise and FireEye will be called Trellix, with an aim to become a force in the field of extended detection and response (XDR). In March 2021, Symphony Technology Group (STG) acquired the McAfee Enterprise business for $4 billion. A few months later, STG bought FireEye's products business for $1.2 billion in a deal that separated FireEye's network, email, endpoint, and cloud security…

InfoSec News Nuggets 01/20/2022

NSO Group Spyware Reportedly Used by Israeli Police Force Spyware from controversial Israeli software firm NSO Group was reportedly used by the nation's civilian police force, according to a new report from an Israeli business publication, Calcalist. The new findings allege that the Israeli police conducted warrantless phone taps on Israeli politicians and activists, among others. According to the report, NSO Group, which was sanctioned by the U.S. Department of Commerce in November 2021, provided its flagship spyware…

InfoSec News Nuggets 01/19/2022

Europol takes down VPNLab, a service used by ransomware gangs An international law enforcement operation has seized the servers of VPNLab.net, a virtual private network provider that advertised its services on the criminal underground and catered to various cybercrime groups, including ransomware gangs. Europol said it seized 15 servers operated by the VPNLab team in Germany, the Netherlands, Canada, the Czech Republic, France, Hungary, Latvia, Ukraine, the US, and the UK. No arrests were announced,…

InfoSec News Nuggets 01/18/2022

Meta faces billion-pound class-action case Up to 44 million UK Facebook users could share £2.3bn in damages, according to a competition expert intending to sue parent company Meta. Dr Liza Lovdahl Gormsen alleges Meta "abused its market dominance" to set an "unfair price" for free use of Facebook - UK users' personal data. She intends to bring the case to the Competition Appeal Tribunal. A Meta representative said users had "meaningful control" of what information…

InfoSec News Nuggets 01/14/2022

New Paper Explains How to Secure SMS in the 5G Era AdaptiveMobile Security has published a white paper entitled “Messaging for the Future: Securing SMS in 5G” which explains why 5G networks will be at increased risk because of the interplay between the way SMS messaging has been implemented and the manifold vulnerabilities inherited from earlier generations of network. The paper makes many recommendations about how to shore up the defenses surrounding SMS messaging before telcos…

InfoSec News Nuggets 01/13/2022

Fact-checkers label YouTube a 'major conduit of online disinformation' Fact-checking organisations around the world say that YouTube is not doing enough to prevent the spread of misinformation on the platform. Some 80 groups have signed a joint letter to the Google-owned platform's chief executive Susan Wojcicki. The letter says it is "one of the major conduits of online disinformation and misinformation worldwide". The organisations want YouTube to take firmer action against anti-vaccine videos, and election…

InfoSec News Nuggets 01/12/2022

Undersea Cable Connecting Norway With Arctic Satellite Station Has Been Mysteriously Severed An undersea fiberoptic cable located between mainland Norway and the Svalbard archipelago in the Arctic Ocean has been put out of action in a still-mysterious incident. The outage on the subsea communications cable — the furthest north of its kind anywhere in the world — follows an incident last year in which different cables linking an undersea surveillance network off the Norwegian coast…

InfoSec News Nuggets 01/11/2022

FluBot’s Authors Employ Creative and Sophisticated Techniques to Achieve Their Goals in Version 5.0 and Beyond In early 2020, a new sophisticated malware for Android called FluBot began to appear. On infected devices, the malware can take full remote control of the device; access victim’s contact lists; send, intercept, and hide SMS messages; log the victim’s keystrokes; steal one-time passcodes; collect personal information; carry out overlay attacks and more. Originally, the malware authors mainly targeted…

InfoSec News Nuggets 01/10/2022

GameStop reportedly has a whole unit working on NFTs and cryptocurrency Video game retailer and memestock darling GameStop is making a big bet on NFTs and cryptocurrency technology. According to a new report from The Wall Street Journal, the company has built up an over 20-person strong team working on an online marketplace for the virtual items, which could include cosmetic skins and in-game items. The company is said to be courting game developers and publishers to…

InfoSec News Nuggets 1/7/2022

How to avoid buying fake COVID tests online The news is filled with images of long lines at in-person COVID testing sites and reports of limited supplies of at-home test kits. It’s not a surprise that, according to the U.S. Food and Drug Administration, fake and unauthorized at-home testing kits are popping up online as opportunistic scammers take advantage of the spike in demand. Using these fake products isn’t just a waste of money, it…

InfoSec News Nuggets 1/6/2022

US Police Warn of Parking Meters with Phishing QR Codes In a hurry to park your car?  Don't want to fumble around in your pocket to find cash for the parking meter, and don't have the correct payment app installed on your phone? Well, think carefully before rushing to scan the payment QR code stuck on the side of the meter - it may well be an attempt by fraudsters to phish your financial information.…

InfoSec News Nuggets 1/5/2022

Malicious Telegram Installer Drops Purple Fox Rootkit We have often observed threat actors using legitimate software for dropping malicious files. This time however is different. This threat actor was able to leave most parts of the attack under the radar by separating the attack into several small files, most of which had very low detection rates by AV engines, with the final stage leading to Purple Fox rootkit infection. Thanks to the MalwareHunterTeam, we were able to…

InfoSec News Nuggets 1/4/2022

Microsoft Skype challenge: Can you solve this puzzle 10 times? New Skype users report frustration after being presented with a captcha that requires them to solve a complex puzzle ten times before signing up for the service. Tests by BleepingComputer confirmed the problematic captcha required when signing up for a Microsoft account via Skype—even after verifying your email address. However, signing up for a Microsoft account directly was much simpler.…

InfoSec News Nuggets 1/3/2022

Microsoft releases emergency fix for Exchange year 2022 bug Microsoft has released an emergency fix for a year 2022 bug that is breaking email delivery on on-premise Microsoft Exchange servers. As the year 2022 rolled in and the clock struck midnight, Exchange admins worldwide discovered that their servers were no longer delivering email. After investigating, they found that mail was getting stuck in the queue, and the Windows event log showed one of the following…

InfoSec News Nuggets 12/31/2021

Supply chains, ransomware, zero trust and other security predictions for 2022 As 2021 draws to a close, no one in their right mind thinks that cybersecurity risk is just someone else’s problem anymore; major cybersecurity incidents like the SolarWinds breach and the Colonial Pipeline ransomware attack have raised cybersecurity awareness among public opinions and decision-makers.  The White House issued an Executive Order on cybersecurity in May to send a clear message about the administration’s priorities: create a nationwide commitment to enforcing…

InfoSec News Nuggets 12/30/2021

LastPass quells cyber-attack fears, blames email notification surge on ‘glitch’ LastPass has launched an investigation following a recent surge in blocked login attempts. The emailed notifications to a pre-registered email address would normally follow attempts to log in from a different browser version, device, or location. Users in receipt of these emails are invited to go to a link in order to confirm that the attempted login was valid. When LastPass noticed an unexpected rise in the…

InfoSec News Nuggets 12/29/2021

T-Mobile welcomed Christmas with its second data breach in less than six months T-Mobile may have enjoyed another solid year in terms of subscriber growth, 5G network expansion, speed boosts, and various other technological breakthroughs and advancements, but when it comes to customer support and especially security, 2021 has been a time of worrying decline and a tidal wave of negative publicity for the once mighty "Un-carrier." While the huge data breach identified back in August is likely to remain unrivaled…

InfoSec News Nuggets 12/28/2021

Amazon Alexa slammed for giving lethal challenge to 10-year-old girl An Amazon Echo owner was left shocked after Alexa proposed a dangerous challenge to her ten-year-old daughter. AI-powered virtual assistants like Alexa that power smart devices and speakers such as Echo, Echo Dot, and Amazon Tap, come with a plethora of capabilities. These include enabling the users to play simple verbal games or request "challenges" on demand. When sitting idle, such as during the holidays, it wouldn't be unusual for an Amazon…

InfoSec News Nuggets 12/27/2021

Fisher Price Chatter Bluetooth Telephone 60G LTE has serious privacy issues Fisher Price Chatter Bluetooth Telephone has the appearance of a classic kids' toy, but it was designed for adults and allows users to make and receive calls over Bluetooth using a nearby smartphone. The device is a Bluetooth headset that accepts connections from a smartphone and can be used to take calls or as a speakerphone. Unfortunately, serious privacy issues could allow attackers to…

InfoSec News Nuggets 12/23/2021

Former Uber CSO Faces New Charge for Alleged Breach Cover-Up A federal grand jury has expanded the list of charges filed against the former chief security officer of Uber, who's been accused of a criminal data breach cover-up. Joe Sullivan, 52, who served as Uber's CSO from April 2015 through November 2017, faces a new charge of wire fraud over a 2016 hack of the ride-sharing service, which resulted in the exposure of 57 million…

InfoSec News Nuggets 12/22/2021

DuckDuckGo is working on a privacy-focused desktop browser DuckDuckGo, the company best known for its privacy-focused search engine of the same name, is working on a desktop browser that should bring the same focus on avoiding being tracked to your entire web experience. In a post on its blog, DuckDuckGo CEO Gabriel Weinberg offers a glimpse at what the upcoming browser will look like and notes that we can expect it to perform the same way…

InfoSec News Nuggets 12/21/2021

Mystery cloud storage service exposes 580 million customer passwords - but it might all be OK The UK National Crime Agency (NCA) has discovered a database containing more than 585 million stolen passwords and emails, and shared it with Have I Been Pwned? to expand and update its database of breached info. Have I Been Pwned? is an online service where people can go to check if their email, passwords or other personal details have been compromised, and even identify in…

InfoSec News Nuggets 12/20/2021

Facebook bans 7 'surveillance-for-hire' companies that spied on 50,000 users The parent company of Facebook and Instagram has banned seven firms it says used its platforms to spy on some 50,000 unsuspecting targets, including human rights activists, government critics, celebrities, journalists and ordinary people in more than 100 countries. These "surveillance-for-hire" companies were linked to around 1,500 accounts on Facebook and Instagram that were used to collect information on people and try to trick them…

InfoSec News Nuggets 12/17/2021

This image looks very different on Apple devices — see for yourself Take a good look at the image below and the device you are on. Now view it again on an Apple device. Conversely, if you are using an Apple device, view this page on an Android or Windows device. If you are using an Apple device and viewing this page on Safari, chances are the image appears quite differently from what you'd see on, for…

InfoSec News Nuggets 12/16/2021

CISA warns critical infrastructure to stay vigilant for ongoing threats The Cybersecurity and Infrastructure Security Agency (CISA) warned critical infrastructure organizations today to strengthen their cybersecurity defenses against potential and ongoing threats. The federal agency also issued guidance to help executives and senior leaders proactively reinforce their orgs' resilience against threats arising from malicious activity coordinated by nation-state-sponsored threat actors and their proxies. "In the lead up to the holidays and in light of persistent and ongoing cyber threats,…

InfoSec News Nuggets 12/15/2021

Billion-dollar natural gas supplier Superior Plus hit with ransomware Major natural gas supplier Superior Plus announced on Tuesday that it is suffering from a ransomware attack. The billion-dollar propane seller said the incident started on December 12 but did not answer questions about which ransomware group was behind the attack or which systems were affected. "Superior has temporarily disabled certain computer systems and applications as it investigates this incident and is in the process of bringing these systems…

InfoSec News Nuggets 12/14/2021

Ukraine arrests 51 for selling data of 300 million people in US, EU Ukrainian law enforcement arrested 51 suspects believed to have been selling stolen personal data on hacking forums belonging to hundreds of millions worldwide, including Ukraine, the US, and Europe. "As a result of the operation, about 100 databases of personal data relevant for 2020-2021 were seized," the Cyberpolice Department of the National Police of Ukraine said. "The seized databases contained information on…

InfoSec News Nuggets 12/13/2021

Hackers start pushing malware in worldwide Log4Shell attacks Threat actors and researchers are scanning for and exploiting the Log4j Log4Shell vulnerability to deploy malware or find vulnerable servers. In this article we have compiled the known payloads, scans, and attacks using the Log4j vulnerability. Early Friday morning, an exploit was publicly released for a critical zero-day vulnerability dubbed 'Log4Shell' in the Apache Log4j Java-based logging platform. This vulnerability allows attackers to remotely execute a command…

InfoSec News Nuggets 12/10/2021

‘I need my girlfriend off TikTok’: How hackers game abuse-reporting systems One hundred and forty-seven dollar signs fill the opening lines of the computer program. Rendered in an icy blue against a matte black background, each “$” has been carefully placed so that, all together, they spell out a name: “H4xton.” It’s a signature of sorts, and not a subtle one. Actual code doesn’t show up until a third of the way down the screen.…

InfoSec News Nuggets 12/09/2021

Google disrupts massive Glupteba botnet, sues Russian operators Google announced today that it has taken action to disrupt the Glupteba botnet that now controls more than 1 million Windows PCs around the world, growing by thousands of new infected devices each day. Glupteba is a blockchain-enabled and modular malware that has been targeting Windows devices worldwide since at least 2011, including the US, India, Brazil, and countries from Southeast Asia. Threat actors behind this malware strain…

InfoSec News Nuggets 12/08/2021

Researchers discover 14 new data-stealing web browser attacks IT security researchers from Ruhr-Universität Bochum (RUB) and the Niederrhein University of Applied Sciences have discovered 14 new types of 'XS-Leak' cross-site leak attacks against modern web browsers, including Google Chrome, Microsoft Edge, Safari, and Mozilla Firefox. These types of side-channel attacks are called 'XS-Leaks,' and allow attacks to bypass the 'same-origin' policy in web browsers so that a malicious website can steal info in the background…

InfoSec News Nuggets 12/07/2021

SolarWinds hackers have a whole bag of new tricks for mass compromise attacks Almost exactly a year ago, security researchers uncovered one of the worst data breaches in modern history, if not ever: a Kremlin-backed hacking campaign that compromised the servers of network management provider SolarWinds and, from there, the networks of 100 of its highest-profile customers, including nine US federal agencies. Nobelium—the name Microsoft gave to the intruders—was eventually expelled, but the group never gave up…

InfoSec News Nuggets 12/06/2021

US rejects calls for regulating or banning ‘killer robots’ The US has rejected calls for a binding agreement regulating or banning the use of “killer robots”, instead proposing a “code of conduct” at the United Nations. Speaking at a meeting in Geneva focused on finding common ground on the use of such so-called lethal autonomous weapons, a US official balked at the idea of regulating their use through a “legally-binding instrument”. The meeting saw government experts…

InfoSec News Nuggets 12/03/2021

Really stupid “smart contract” bug let hackers steal $31 million in digital coin Blockchain startup MonoX Finance said on Wednesday that a hacker stole $31 million by exploiting a bug in software the service uses to draft smart contracts. The company uses a decentralized finance protocol known as MonoX that lets users trade digital currency tokens without some of the requirements of traditional exchanges. “Project owners can list their tokens without the burden of capital…

InfoSec News Nuggets 12/02/2021

Chinese could hack data for future quantum decryption, report warns Chinese hackers could target heavily encrypted datasets such as weapon designs or details of undercover intelligence officers with a view to unlocking them at a later date when quantum computing makes decryption possible, a report warns. Analysts at Booz Allen Hamilton, a consulting firm, say Chinese hackers could also steal pharmaceutical, chemical and material science research that can be processed by quantum computers – machines capable of…

InfoSec News Nuggets 12/01/2021

Ransomware Group Rebrands Multiple Times to Evade Detection A mid-sized ransomware group known for targeting healthcare and education sector organizations has repeatedly rebranded over the past year to avoid scrutiny, according to Mandiant. The “54BB47h” (Sabbath) group first appeared on the radar in September when it advertised for affiliate partners, the threat intelligence firm said. Unusually for a ransomware group, it provides these affiliates with their own pre-configured Cobalt Strike Beacon backdoor payloads. While this posed a…

InfoSec News Nuggets 11/30/2021

How to find hidden spy cameras with a smartphone Researchers from the National University of Singapore and Yonsei University in South Korea have devised a mobile application that uses smartphones’ time-of-flight (ToF) sensor to find tiny spy cameras hidden in everyday objects. The app is more successful at detecting hidden cams than existing state-of-the-art commercial hidden camera detectors (CC308+, K18) and much more successful than the human eye/brain. Tiny cameras concealed in sensitive locations –…

InfoSec News Nuggets 11/29/2021

GoDaddy Breach Widens to Include Reseller Subsidiaries The GoDaddy breach affecting 1.2 million customers has widened – it turns out that various subsidiaries that resell GoDaddy Managed WordPress were also affected. The additional affected companies are 123Reg, Domain Factory, Heart Internet, Host Europe, Media Temple and tsoHost. The world’s largest domain registrar confirmed to researchers at Wordfence that several of these brands’ customers were affected by the security incident (and Wordfence provided breach-notification notices from two of…

InfoSec News Nuggets 11/24/2021

GoDaddy hack causes data breach affecting 1.2 million customers In a data breach notification published today, GoDaddy said that the data of up to 1.2 million of its customers was exposed after hackers gained access to the company's Managed WordPress hosting environment. The incident was discovered by GoDaddy last Wednesday, on November 17, but the attackers had access to its network and the data contained on the breached systems since at least September 6, 2021.…

InfoSec News Nuggets 11/22/2021

US regulators order banks to report cyberattacks within 36 hours US federal bank regulatory agencies have approved a new rule ordering banks to notify their primary federal regulators of significant computer-security incidents within 36 hours. Banks are only required to report major cyberattacks if they have or will likely impact their operations, the ability to deliver banking products and services, or the US financial sector's stability. Bank service providers will also have to notify customers…

InfoSec News Nuggets 11/19/2021

UK and US join forces to strike back in cyber-space The US and UK are joining forces to "impose consequences" on their shared adversaries who conduct malicious cyber-activities. The combined action would address "evolving threats with a full range of capabilities", they said. The shared adversaries were not named but the announcement follows increasing concern over Russia-based ransomware. The plan was discussed last week at an annual meeting of intelligence chiefs, in the US. Gen…

InfoSec News Nuggets 11/18/2021

Cybercriminals Increasingly Employ Crypto-Mixers to Launder Stolen Profits Cryptocurrency mixing — a technique that uses pools of cryptocurrency to complicate the tracking of electronic transactions — has become a common service used by cybercriminals and is expected to become even more popular as governments regulate cryptocurrency exchanges in the future, researchers say. Threat intelligence firm Intel 471 warned in a new report that crypto-mixers have professional-looking sites, offer services in English and often Russian, and handle individual…

InfoSec News Nuggets 11/17/2021

Why are you still using QWERTY? 2021's most common passwords revealed An analysis of password habits worldwide has revealed we are still performing poorly when it comes to strong credential management. While the idea of using passwords such as QWERTY, 123456, and PASSWORD might seem like a joke these days, they are still commonly found in data dumps of stolen credentials published online. Major online service providers now often enforce strong passwords with lower-case and capital letters,…

InfoSec News Nuggets 11/16/2021

Epic's Tim Sweeney calls Google 'crazy,' says 'Apple must be stopped' Epic Games CEO Tim Sweeney has used his speech at a South Korea conference to lambast both Apple and Google, plus promote his plan for one app store for all devices. The Coalition for App Fairness's Global Conference on Mobile App Ecosystem Fairness is taking place in South Korea. Tim Sweeney has been speaking at the conference, and also talking to local press. According to Bloomberg, Sweeney…

InfoSec News Nuggets 11/15/2021

China’s next generation of hackers won’t be criminals. That’s a problem. Criminals have a long history of conducting cyber espionage on China’s behalf. Protected from prosecution by their affiliation with China’s Ministry of State Security (MSS), criminals turned government hackers conduct many of China’s espionage operations. Alarming as it may sound, this is not a new phenomenon. An indictment issued by the U.S. Department of Justice last year, for example, indicated that the simultaneous criminal-espionage activity of two…

InfoSec News Nuggets 11/12/2021

Queensland water supplier Sunwater targeted by hackers in months-long undetected cyber security breach Queensland's largest regional water supplier, Sunwater, says it was targeted by hackers in a cyber security breach that went undetected for nine months. It has been revealed that hackers left suspicious files on a webserver to redirect visitor traffic to an online video platform last year. Sunwater admitted the cyber breach after the tabling of a Queensland Audit Office report into the state's water authorities, which…

InfoSec News Nuggets 11/11/2021

Microsoft patches Excel zero-day used in attacks, asks Mac users to wait During this month's Patch Tuesday, Microsoft has patched an Excel zero-day vulnerability exploited in the wild by threat actors. Zero-days, as defined by Microsoft, are publicly disclosed bugs with no official security updates. The vulnerability, tracked as CVE-2021-42292, is a high severity security feature bypass that unauthenticated attackers can exploit locally in low complexity attacks that don't require user interaction. Microsoft also patched a…