InfoSec News Nuggets 05/19/2022

Long lost @ symbol gets new life obscuring malicious URLs Threat actors have rediscovered an old and little-used feature of web URLs, the innocuous @ symbol we usually see in email addresses, and started using it to obscure links to their malicious websites. Researchers from Perception Point noticed it being used in a cyberattack against multiple organization recently. While the attackers are still unknown, Perception Point traced them to an IP in Japan. The attack started with a phishing…
Read More

InfoSec News Nuggets 01/25/2021

After big hack of U.S. government, Biden enlists 'world class' cybersecurity team President Joe Biden is hiring a group of national security veterans with deep cyber expertise, drawing praise from former defense officials and investigators as the U.S. government works to recover from one of the biggest hacks of its agencies attributed to Russian spies. Disclosed in December, the hack struck eight federal agencies and numerous companies, including software provider SolarWinds Corp. U.S. intelligence agencies…
Read More

InfoSec News Nuggets 08/28/2020

Tesla Insider Works with FBI to Turn the Tables on Russia’s Million Dollar Attempt to Hijack the Network On August 25, the Department of Justice announced the arrest of Egor Igorevich Kriuchkov, a citizen of Russia for conspiring to breach the network of a U.S. company, which media has identified as Tesla (their GigaFactory in Sparks, NV) and introduce malware into the company’s network. Kriuchkov was arrested on August 22 as he tried to depart…
Read More

InfoSec News Nuggets 2/3/2020

1 - Tinder and Bumble under investigation over underage use, sex offenders, and data handling Yesterday, the US House Oversight and Reform subcommittee announced an investigation into popular dating apps including Tinder, Grindr, and Bumble for allegedly allowing minors and convicted sex offenders to use their services. In a press release issued yesterday, the Chairman of the subcommittee, Raja Krishnamoorthi, sent letters to Match Group, Inc — the parent company of major dating apps — seeking…
Read More

InfoSec News Nuggets 12/17/2019

1 - Prosecutors say a man stole $88,000 from a bank vault. The FBI caught him after he flashed stacks of bills on social media. If you're systematically stealing money from a bank vault, it may not be a good idea to post the evidence on your social media pages. A bank employee in Charlotte, North Carolina, allegedly stole $88,000 from the bank's vault, according to a release from the United States Attorney's Office Western District of…
Read More