22 May 2023
By Mary

InfoSec News Nuggets 05/22/2023

Food distributor Sysco says cyberattack potentially leaked 125,000 Social Security numbers  A cyberattack on Sysco, one of the world’s largest food distributors, gave hackers access to the sensitive personal information of more than 125,000 current and former employees. In documents filed with state regulators in Maine, the company said an incident in January leaked troves of sensitive employee information. Sysco has more than 71,000 current employees, operates in over 90 countries and reported sales of more than $68…
Read More
10 Nov 2022
By Mary

InfoSec News Nuggets 11/10/2022

15,000 sites hacked for massive Google SEO poisoning campaign Hackers are conducting a massive black hat search engine optimization (SEO) campaign by compromising almost 15,000 websites to redirect visitors to fake Q&A discussion forums. The attacks were first spotted by Sucuri, who says that each compromised site contains approximately 20,000 files used as part of the search engine spam campaign, with most of the sites being WordPress. The researchers believe the threat actors' goal is…
Read More
29 Mar 2022
By Mary

InfoSec News Nuggets 03/29/2022

Hundreds more packages found in malicious npm 'factory' Researchers continue to investigate a wave of malicious npm packages, with the published tally now reaching over 700. Last week, JFrog researchers disclosed the scheme in which an unknown threat actor had published at least 200 malicious Node Package Manager (npm) packages. The team said that the repositories were first detected on March 21 and grew rapidly, with each npm package deliberately named to mimic legitimate software. An automated script targeted…
Read More
07 Mar 2022
By Mary

InfoSec News Nuggets 03/07/2022

Ukraine to issue non-fungible tokens to fund armed forces Ukraine has announced it will issue non-fungible tokens to fund its armed forces, as cryptocurrency becomes an increasingly popular means of giving support to the government in Kyiv. Mykhailo Fedorov, Ukraine’s vice-prime minister, said on Twitter on Thursday that the government would soon issue NFTs to help pay for its military. NFTs confer ownership of a unique digital item – with pieces of virtual art proving particularly popular –…
Read More
25 Feb 2022
By Mary

InfoSec News Nuggets 02/25/2022

Twitter admits it mistakenly removed Ukraine open source intelligence accounts Twitter said it had mistakenly suspended the accounts of open source intelligence reporters posting about Russia’s military build-up around Ukraine, leading to many of them accusing the Russian state of launching a “bot” campaign against them. Based on publicly available satellite imagery, open source reporters have used social media to supply a steady commentary on the activities of Russian forces near the Ukrainian border, providing…
Read More
24 Feb 2022
By Mary

InfoSec News Nuggets 02/24/2022

EU Deploys Cyber Response Unit to Ukraine The EU is deploying a newly formed Cyber Rapid-Response Team (CRRT) to Ukraine to help the country combat Russian threat actors as troops start pouring over the border. The Lithuanian Ministry of National Defence tweeted the news yesterday, revealing that the move came at the request of the Ukrainian government. Lithuania will be leading the coalition of six EU countries – which also includes Croatia, Poland, Estonia, Romania and the…
Read More
18 Jan 2022
By Mary

InfoSec News Nuggets 01/18/2022

Meta faces billion-pound class-action case Up to 44 million UK Facebook users could share £2.3bn in damages, according to a competition expert intending to sue parent company Meta. Dr Liza Lovdahl Gormsen alleges Meta "abused its market dominance" to set an "unfair price" for free use of Facebook - UK users' personal data. She intends to bring the case to the Competition Appeal Tribunal. A Meta representative said users had "meaningful control" of what information…
Read More
14 Jan 2022
By Mary

InfoSec News Nuggets 01/14/2022

New Paper Explains How to Secure SMS in the 5G Era AdaptiveMobile Security has published a white paper entitled “Messaging for the Future: Securing SMS in 5G” which explains why 5G networks will be at increased risk because of the interplay between the way SMS messaging has been implemented and the manifold vulnerabilities inherited from earlier generations of network. The paper makes many recommendations about how to shore up the defenses surrounding SMS messaging before telcos…
Read More