Latest news of INFOSEC (EN) 1. Latest Vulnerability. 2. Latest Patch. 3. Privacy Breach. 4. Security Breach. 5. InfoSec News. German Version 🇩🇪 @cRyPtHoN_INFOSEC_DE France Version 🇫🇷 @cRyPtHoN_INFOSEC_FR Italian Version 🇮🇹 @cRyPtHoN_INFOSEC_IT
Apple faces very serious accusations
Apple is facing a $2 billion lawsuit in London over allegations that it knowingly used defective batteries in certain iPhone models.
The Apple iPhone battery lawsuit, which was filed by consumer champion Justin Gutmann on behalf of around 24 million iPhone users in the United Kingdom, alleges that Apple slowed down iPhones with software updates to hide the battery issues.
Gutmann said in a statement that the ruling was "a major step towards consumer justice".
In response, an Apple spokesperson stated: "We have never – and would never – do anything to intentionally shorten the life of any Apple product, or degrade the user experience to drive customer upgrades".
https://ghacks.net/2023/11/03/apple-iphone-battery-lawsuit/
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
Looney Tunables Vulnerability Exploited by Kinsing
Researchers from Aqua Nautilus have successfully intercepted Kinsing's experimental incursions into cloud environments. Utilizing a rudimentary yet typical PHPUnit vulnerability exploit attack, a component of Kinsing's ongoing campaign, we have uncovered the threat actor's manual efforts to manipulate the Looney Tunables vulnerability (CVE-2023-4911). This marks the first documented instance of such an exploit, to the best of our knowledge. Intriguingly, the attacker is also broadening the horizons of their cloud-native attacks by extracting credentials from the Cloud Service Provider (CSP). In this blog post, we delve deeper into the Kinsing campaign and its operations,
https://blog.aquasec.com/loony-tunables-vulnerability-exploited-by-kinsing
Singapore public health services hit by DDoS attacks
Hackers disrupted internet connectivity in public healthcare institutions in Singapore this week with distributed denial-of-service (DDoS) attacks, a health technology agency that oversees the institutions said.
Synapxe, which manages operations of 46 public healthcare institutions in Singapore and around 1,400 community partners such as nursing homes and general practitioners, said there’s no evidence that public healthcare or patient data, as well as internal networks, have been compromised.
Disruptions to internet connectivity affecting all public healthcare clusters in Singapore started on Wednesday and lasted for about seven hours.
https://therecord.media/singapore-public-health-services-ddos-attack
Google wants to make it easier for you to identify secure Play Store apps
A badge will mark apps that meet industry-wide security and privacy standards
🌀 Google is introducing an "Independent Security Review" badge for apps in the Play Store to indicate that they meet industry-wide security and privacy standards.
🌀 The badge does not guarantee that an app is completely secure, but it shows that the developer prioritizes privacy and security for users.
🌀 Google is also implementing new security measures, such as Play Protect, to protect Android devices from malware, and plans to expand these features in the future.
https://www.androidpolice.com/independently-tested-apps-google-play-store-security/
https://www.bleepingcomputer.com/news/security/google-play-adds-security-audit-badges-for-android-vpn-apps/
Healthcare Data Breaches Impact 88 Million Americans
Threat actors have compromised sensitive health data on tens of millions of US patients so far this year, according to new figures released by the Department of Health and Human Services (HHS).
The HHS said that there had been a 239% increase in “large breaches” reported to its Office for Civil Rights (OCR) in the past four years and a 278% increase in ransomware.
https://www.infosecurity-magazine.com/news/healthcare-data-breaches-88-million/
Allied Pilots Association Hit With Ransomware Attack
🌀 The Allied Pilots Association (APA) experienced a ransomware attack on October 30, which disrupted its systems for the entire week.
🌀 The union took immediate steps to secure its networks and is working nonstop to restore the systems with the help of outside experts.
🌀 APA is prioritizing the restoration of pilot-facing products and tools, and an investigation is underway to determine the full scope of the incident and potential data impacts. American Airlines has not yet commented on the incident.
The Allied Pilots Association (APA), a union representing over 15,000 pilots from American Airlines, announced a cybersecurity incident hit its systems on October 30, taking down its systems for the remainder of the week.
https://www.msn.com/en-us/news/us/allied-pilots-association-hit-with-ransomware-attack/ar-AA1jmjgR
Brave Browser 1.60 launches with Leo AI and security improvements
Brave Browser 1.60 is now available. The latest version of the Chromium-based web browser introduces Brave Software's Leo AI to all desktop users. It is not the only change though, as users who upgrade will also benefit from security improvements and some other changes.
Brave 1.60 is available already and users should receive it through the automatic updating feature. Those who can't wait to get their hands on the new browser version may select Menu > Help > About Brave or load brave://settings/help in the address bar directly to download the latest update immediately. The page lists the current version as well.
https://ghacks.net/2023/11/03/brave-browser-1-60-launches-with-leo-ai-and-security-improvements/
NodeStealer attacks on Facebook take a provocative turn – threat actors deploy malvertising campaigns to hijack users’ accounts
Social media platforms offer immense opportunities for financially motivated threat actors to conduct large-scale attacks against unsuspecting Internet users. Fraudulent and malicious threats are prevalent on all social networks and it has become crucial for users to be aware of the latest tricks that can compromise the security of their accounts, data, reputation and finances.
Cybercriminals always seek to trick users into taking all sorts of unwelcome actions, and one way they achieve this is by abusing the ad network.
https://www.bitdefender.com/blog/labs/nodestealer-attacks-on-facebook-take-a-provocative-turn-threat-actors-deploy-malvertising-campaigns-to-hijack-users-accounts/
ThreatLabz Discovers 117 Vulnerabilities in Microsoft 365 Apps Via the SketchUp 3D Library - Part 1
introduced numerous vulnerabilities to Microsoft 365 applications. Within approximately three months, our research efforts unveiled 117 unique vulnerabilities. Microsoft assigned CVE-2023-28285, CVE-2023-29344, and CVE-2023-33146 to catalog these vulnerabilities. Consequently, Microsoft took the precautionary step of temporarily disabling SketchUp support in Microsoft 365 in June 2023. In this blog post, we will share the methodologies used to uncover these vulnerabilities and provide technical details for some of the vulnerabilities. This is Part 1 of our two-part series. The second part will be available soon.
https://www.zscaler.com/blogs/security-research/threatlabz-discovers-117-vulnerabilities-microsoft-365-apps-sketchup-3d
Court documents show 'iPhone' searches are helping Google make big bucks
Google’s antitrust trial has shed light on the most lucrative search terms
🌀 New court documents suggest that Google may have profited from search queries related to iPhones, potentially indicating a lucrative deal with Apple.
🌀 Google has faced previous antitrust lawsuits, with allegations of reducing competition and using acquisitions to control digital advertising tools.
🌀 Internal emails reveal that Google prioritizes its own products and services, further supporting claims of anti-competitive behavior.
https://www.androidpolice.com/google-search-iphone-antitrust-suit/
Okta tells 5,000 of its own staff that their data was accessed in third-party breach
The hits keep on coming for troubled ID management biz
Okta has sent out breach notifications to almost 5,000 current and former employees, warning them that miscreants breached one of its third-party vendors and stole a file containing staff names, social security numbers, and health or medical insurance plan numbers.
The third-party, Rightway Healthcare, helps people compare healthcare providers and rates, and this includes Okta employees and their families. According to the notification, an "unauthorized" crook broke into Rightway's IT environment on September 23. The service informed Okta about the intrusion on October 12, nearly three weeks later.
https://www.theregister.com/2023/11/02/okta_staff_personal_data/
WhatsApp spy mod spreads through Telegram, attacks Arabic-speaking users
It is not rare that users of popular instant messaging services find the official client apps to be lacking in functionality. To address that problem, third-party developers come up with mods that offer sought-after features besides aesthetic upgrades. Unfortunately, some of these mods contain malware alongside legitimate enhancements. A case in point occurred last year when we discovered the Triada Trojan inside a WhatsApp mod. Recently, we described a Telegram mod with an embedded spy module, distributed through Google Play. It is the same story with WhatsApp now: several, previously harmless, mods were found to contain a spy module that we detect as Trojan-Spy.AndroidOS.CanesSpy.
https://securelist.com/spyware-whatsapp-mod/110984/
Pro-Hamas hacktivist group targets Israel with BiBi-Linux wiper
A pro-Hamas hacker group is targeting Israeli entities using a new Linux-based wiper malware dubbed BiBi-Linux Wiper.
During a forensics investigation, Security Joes Incident Response team discovered a new Linux Wiper malware they tracked as BiBi-Linux Wiper.
The pro-Hamas hacktivist group used the wiper to destroy the infrastructure of Israeli companies.
https://securityaffairs.com/153341/malware/pro-hamas-group-bibi-linux-wiper.html
Malware 'Meal Kits' Serve Up No-Fuss RAT Attacks
The wider availability of turnkey cyberattack kits in the criminal underground is leading to a glut of campaigns using remote access Trojans (RATs).
A rise in the availability of malware "meal kits" for less than $100 is fueling a surge in campaigns using remote access Trojans (RATs), which are often embedded in seemingly legitimate Excel and PowerPoint files attached to emails.
That's according to HP Wolf Security, which published its "Q3 2023 Threat Insights Report" today, observing a significant spike in Excel files with DLLs infected with the Parallax RAT. The files appear to recipients as legitimate invoices, which, when clicked, launch the malware, according to HP senior malware analyst Alex Holland.
https://www.darkreading.com/endpoint/malware-meal-kits-serve-up-no-fuss-rat-attacks
HP Wolf Security Threat Insights Report Q3 2023
Welcome to the Q3 2023 edition of the HP Wolf Security Threat Insights Report. In the report, we review notable malware campaigns, trends and techniques identified from HP Wolf Security’s customer telemetry in calendar Q3 2023.
https://threatresearch.ext.hp.com/hp-wolf-security-threat-insights-report-q3-2023/
Download the report: HP Wolf Security Threat Insights Report Q3 2023
Unmasking AsyncRAT New Infection Chain
AsyncRAT, short for “Asynchronous Remote Access Trojan,” is a sophisticated piece of malware designed to compromise the security of computer systems and steal sensitive information. What sets AsyncRAT apart from other malware strains is its stealthy nature, making it a formidable adversary in the world of cybersecurity.
McAfee Labs has observed a recent AsyncRAT campaign being distributed through a malicious HTML file. This entire infection strategy employs a range of file types, including PowerShell, Windows Script File (WSF), VBScript (VBS), and more, in order to bypass antivirus detection measures.
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/unmasking-asyncrat-new-infection-chain/
ZDI discloses four zero-day flaws in Microsoft Exchange
Researchers disclosed four zero-day flaws in Microsoft Exchange that can be remotely exploited to execute arbitrary code or disclose sensitive information on vulnerable installs.
Trend Micro’s Zero Day Initiative (ZDI) disclosed four zero-day vulnerabilities in Microsoft Exchange that can be remotely exploited by an authenticated attacker to execute arbitrary code or disclose sensitive information on vulnerable installs.
Trend Micro’s Zero Day Initiative (ZDI) reported the flaws to Microsoft on September 7th and 8th, 2023, but the IT giant has yet to fix them, despite acknowledging the vulnerabilities. ZDI opted to publicly disclose the vulnerabilities in compliance with its responsible disclosure policy.
https://securityaffairs.com/153599/hacking/microsoft-exchange-zero-day-flaws.html
The Hilb Group Alerts Clients: A Breach Affecting Tens of Thousands
Clients of The Hilb Group Operating Company, LLC (Hilb) were notified of “suspicious activity” linked to a phishing attack detected within several employee email accounts, as reported by CyberNews.
The notice revealed that a cybersecurity incident at Hilb unfolded “for a limited period of time” from December 1, 2022, to January 12, 2023. An investigation, conducted with external cybersecurity experts, confirmed that personal details of certain clients, including names and Social Security numbers, had been illicitly appropriated.
https://securityonline.info/the-hilb-group-alerts-clients-a-breach-affecting-tens-of-thousands/
'Corrupt' cop jailed for tipping off pal to EncroChat dragnet
Taking selfie with 'official sensitive' doc wasn't smartest idea, either
A British court has sentenced a "corrupt" cop to almost four years behind bars for tipping off a friend that officers had compromised the EncroChat encrypted messaging app network.
Natalie Mottram, 25, of Warrington, England, was sent down for three years and nine months on Friday at Liverpool Crown Court. She previously worked for Cheshire Police, most recently as an intelligence analyst for the North West Regional Organised Crime Unit. She was arrested by the UK National Crime Agency (NCA) on June 12, 2020.
https://www.theregister.com/2023/11/04/corrupt_cop_encrochat/
Dutch hacker jailed for extortion, selling stolen data on RaidForums
A former Dutch cybersecurity professional was sentenced to four years in prison after being found guilty of hacking and blackmailing more than a dozen companies in the Netherlands and worldwide.
The suspect, a 21-year-old man from Zandvoort named Pepijn Van der Stap, has been convicted on multiple charges, including hacking into victims' computers, extortion, and laundering at least 2.5 million euros in cryptocurrency.
The court sentenced him to four years of imprisonment, with one year being conditional, accompanied by a three-year probationary period. The verdict follows an extensive investigation conducted by the Dutch Public Prosecution Service, which asked for a six-year prison sentence.
https://www.bleepingcomputer.com/news/security/dutch-hacker-jailed-for-extortion-selling-stolen-data-on-raidforums/
Clop group obtained access to the email addresses of about 632,000 US federal employees
The Clop ransomware gang gained access to the email addresses of more than 632K US federal employees at the departments of Defense and Justice.
The Russian-speaking Clop ransomware group gained access to the email addresses of about 632,000 US federal employees at the departments of Defense and Justice. The security breach is the result of the MOVEit hacking campaign that took place this summer. The MOVEit campaign also targeted additional US agencies, including the Department of Health and Human Services, the Department of Agriculture, and the General Services Administration.
The news of the attacks on the government departments was reported by federal cybersecurity officers to the House Science, Space and Technology Committee in July.
https://securityaffairs.com/153486/data-breach/clop-group-us-federal-employees.html
Ransomware Attack on Mental Health Provider Affects 172,000
Deer Oaks Behavioral Health Says Incident Contained to 'Single Segment' of Network
Deer Oaks Behavioral Health, which is based in San Antonio and provides psychological and psychiatric services to residents of more than 1,500 long-term care and assisted living facilities across several states, said in a breach report submitted to Maine's attorney general Tuesday that it had become aware of potential unauthorized activity within its computer network on Sept. 1.
https://www.bankinfosecurity.com/ransomware-attack-on-mental-health-provider-affects-172000-a-23466
Major Mexican airport confirms experts are working to address cyberattack
One of the highest-traffic airports in Mexico said it is responding to a cyberattack.
The Querétaro Intercontinental Airport — about three hours from Mexico City — confirmed reports that it had been attacked by hackers, posting a notice on social media sites that it had called in experts to help address the issue.
“We reported that we had a cyberattack incident and are working with experts to address this situation. AIQ systems are operating normally. The safety of our passengers and operations remains our top priority,” the airport said, according to a translation of the notice, posted Tuesday.
https://therecord.media/queretaro-international-airport-mexico-cyberattack
Sam Bankman-Fried found guilty on all seven counts
Sam Bankman-Fried, the co-founder and former CEO of crypto exchange FTX and trading firm Alameda Research, has been found guilty on all seven counts related to fraud and money laundering.
The defendant is “charged with a wide-ranging scheme to misappropriate billions of dollars of customer funds deposited with FTX and mislead investors and lenders to FTX and to Alameda Research,” a release from the U.S. attorney’s office at the Southern District of New York stated.
https://techcrunch.com/2023/11/02/sam-bankman-fried-found-guilty-on-all-seven-counts/
https://www.theregister.com/2023/11/03/sam_bankman_fried_ftx_convicted/
Smashing Security podcast #346: How hackers are breaching Booking.com, and the untrustworthy reviews
Industry veterans, chatting about cybersecurity and online privacy.
Workers wonder if their colleagues are actually AI, and we take a deeper look into the curious scams going on via Booking.com.
All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
https://grahamcluley.com/smashing-security-podcast-346/
Israeli Entities Under Attack By MuddyWater’s Advanced Tactics
A new social engineering campaign conducted by the “MuddyWater” group has been observed targeting two Israeli entities with tactics, techniques and procedures (TTPs) previously associated with this threat actor.
MuddyWater, a group known for spear-phishing emails since 2020, has historically employed links and PDFs, RTFs and HTML attachments that direct victims to archives hosted on different file-sharing platforms. These archives typically contained legitimate remote administration tools.
https://www.infosecurity-magazine.com/news/muddywater-targets-israeli-entities/
https://www.gov.il/he/departments/news/disciplinary-treatment-statements-against-israel-wartime-news
Ace Hardware says 1,202 devices were hit during cyberattack
Ace Hardware confirmed that a cyberattack is preventing local stores and customers from placing orders as the company works to restore 196 servers.
Ace Hardware is a hardware store retailer-owned cooperative that operates 17 distribution centers and 5,700 shops across the United States, China, Panama, and the UAE. The cooperative employs 12,500 people and has an annual revenue that surpasses $9 billion.
Reports of a cybersecurity incident impacting the entity surfaced over Reddit on Monday, where someone posted the content of Ace's notice to retailers about a cyberattack that occurred over the weekend.
https://www.bleepingcomputer.com/news/security/ace-hardware-says-1-202-devices-were-hit-during-cyberattack/
YouTube confirms it has launched a global effort to crack down on ad blockers
YouTube has confirmed that it has taken efforts to crack down on ad blockers. The news comes via an official statement sent by a company spokesperson to The Verge.
Last month, I wrote about how I began seeing a pop-up that said "Ad blockers are not allowed by YouTube", which was accompanied by instructions to disable the ad blocker to continue using YouTube.
https://ghacks.net/2023/11/01/youtube-confirms-it-has-launched-a-global-effort-to-crack-down-on-ad-blockers/
UserSec Takes Credit for Gatwick Cyberattack Post-Manchester Airport DDoS
The UserSec group claimed the Gatwick Airport cyberattack in the ongoing targeting of UK-based airports.
Hackers from the UserSec group have claimed the Gatwick Airport cyberattack in their series of attacks targeting airports in the UK. The UK’s Manchester Airport was the first target in this series of airport attacks.
This alleged attack happened after cybersecurity researchers found UserSec speculating about carrying out cyberattacks on airports in the UK on October 29th.
https://thecyberexpress.com/gatwick-airport-cyberattack-second-uk-target/
North Korean Hackers Target macOS Crypto Engineers With Kandykorn
North Korean hackers suspected to be associated with the Lazarus Group have been observed targeting blockchain engineers involved in cryptocurrency exchange platforms with a new macOS malware named Kandykorn.
This intrusion, tracked as REF7001 by Elastic Security Labs, utilized a combination of custom and open source capabilities to gain initial access and post-exploitation on macOS systems.
https://www.infosecurity-magazine.com/news/north-korea-crypto-engineers/
https://www.elastic.co/security-labs/elastic-catches-dprk-passing-out-kandykorn