InfoSec News Nuggets 1/3/2025

Cyberhaven Chrome Extension Hack Linked to Widening Supply Chain Campaign The supply chain attack in which cybersecurity firm Cyberhaven’s Chrome extension was compromised to steal users’ data appears to be part of a wider campaign in which at least 29 extensions were hit over the past year and a half. As part of the Cyberhaven incident, a threat actor gained access to the company’s Chrome Web Store administrator account and published a new version of the…
Read More

InfoSec News Nuggets 10/04/2024

Iranians Accused of Hacking US Presidential Campaigns; $10 Million Offered for Info on their Location The Justice Department announced that three Iranian nationals and Islamic Revolutionary Guard Corps (IRGC) employees, at the same time, have been indicted for hacking accounts belonging to US officials, journalists, and individuals associated with US political campaigns. Several reports of hacks related to political campaigns have surfaced in recent months as unknown hackers breached various systems and networks, then stole…
Read More

InfoSec News Nuggets 09/11/2023

Cyber professionals say industry urgently needs to confront mental health crisis  As the coronavirus pandemic swept the U.S. in early 2020, Pat, a security engineer, had more than just his own health to worry about. He was the lead engineer responsible for protecting vast amounts of data moving between large health care organizations to the Centers for Disease Control and Prevention. The toll of working 80-hour weeks wasn’t new to Pat, who has been in…
Read More

InfoSec News Nuggets 1/5/2022

Malicious Telegram Installer Drops Purple Fox Rootkit We have often observed threat actors using legitimate software for dropping malicious files. This time however is different. This threat actor was able to leave most parts of the attack under the radar by separating the attack into several small files, most of which had very low detection rates by AV engines, with the final stage leading to Purple Fox rootkit infection. Thanks to the MalwareHunterTeam, we were able to…
Read More