August 2023

Forever 21 Data Breach Leaks Personal Info of Over 539k Individuals

https://www.jdsupra.com/legalnews/forever-21-data-breach-leaks-personal-8548981/?&web_view=true

Excerpt:

“On August 29, 2023, F21 OpCo LLC d/b/a Forever 21 (“Forever 21”) filed a notice of data breach with the Attorney General of Maine after discovering an external system breach compromised the information of over 539,000 individuals. In this notice, Forever 21 explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names and Social Security numbers. Upon completing its investigation, Forever 21 began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.”


Why Criminals Keep Reusing Leaked Ransomware Builders

https://www.bankinfosecurity.com/blogs/criminals-keep-reusing-leaked-ransomware-builders-p-3503?&web_view=true

Mathew J. Schwartz

Excerpt:

“When is a LockBit ransomware attack not actually a LockBit attack? Cyber defenders are reporting a profusion of attacks involving stolen or reused strains of ransomware.”


Anonymous Sudan hacks X to put pressure on Elon Musk over Starlink

https://www.bbc.com/news/technology-66668053

Joe Tidy

“A hacking group called Anonymous Sudan took X, formerly known as Twitter, offline in more than a dozen countries on Tuesday morning in an attempt to pressurise Elon Musk into launching his Starlink service in their country.”


Multiple Threats Target Adobe ColdFusion Vulnerabilities

https://www.fortinet.com/blog/threat-research/multiple-threats-target-adobe-coldfusion-vulnerabilities

Cara Lin

Excerpt:

“This past July, Adobe responded to reports of exploits targeting pre-authentication remote code execution (RCE) vulnerabilities in their ColdFusion solution by releasing a series of security updates: APSB23-40, APSB23-41, and APSB23-47. An in-depth analysis of those exploits has been documented by Project Discovery, including a significant vulnerability in the WDDX deserialization process within Adobe ColdFusion 2021.”


Hacking campaign bruteforces Cisco VPNs to breach networks

https://www.bleepingcomputer.com/news/security/hacking-campaign-bruteforces-cisco-vpns-to-breach-networks/?&web_view=true

Sergiu Gatlan

Excerpt:

“Hackers are targeting Cisco Adaptive Security Appliance (ASA) SSL VPNs in credential stuffing and brute-force attacks that take advantage of lapses in security defenses, such as not enforcing multi-factor authentication (MFA).”


Hackers Can Exploit Windows Container Isolation Framework to Bypass Endpoint Security

Excerpt:

“New findings show that malicious actors could leverage a sneaky malware detection evasion technique and bypass endpoint security solutions by manipulating the Windows Container Isolation Framework.

The findings were presented by Deep Instinct security researcher Daniel Avinoam at the DEF CON security conference held earlier this month.”


MMRat Android Malware Targets Banking Users in Southeast Asia

Excerpt:

“A new Android malware, dubbed MMRat, has been found targeting mobile users in Southeast Asia since June. The malware is named after its package ‘com.mm.user’ and uses a customized C2 protocol, based on Protobuf, to efficiently transfer large volumes of data.”


China-Linked BadBazaar Android Spyware Targeting Signal and Telegram Users

https://thehackernews.com/2023/08/china-linked-badbazaar-android-spyware.html?&web_view=true

Excerpt:

“Cybersecurity researchers have discovered malicious Android apps for Signal and Telegram distributed via the Google Play Store and Samsung Galaxy Store that are engineered to deliver the BadBazaar spyware on infected devices.”


Unveiling the Sophisticated Statc Stealer

https://cyware.com/news/unveiling-the-sophisticated-statc-stealer-c7294dad

Excerpt:

“Zscaler has come across a fresh, sophisticated information-stealing malware family, Statc Stealer, capable of infiltrating Windows-based devices to illicitly acquire valuable data. Furthermore, it specifically sets its sights on cryptocurrency wallets, enabling it to seize credentials, passcodes, and even data from messaging platforms such as Telegram.”


Google Introduces First Quantum Resilient FIDO2 Security Key Implementation

https://thehackernews.com/2023/08/google-introduces-first-quantum.html

Excerpt:

“Google on Tuesday announced the first quantum resilient FIDO2 security key implementation as part of its OpenSK security keys initiative.

"This open-source hardware optimized implementation uses a novel ECC/Dilithium hybrid signature schema that benefits from the security of ECC against standard attacks and Dilithium's resilience against quantum attacks," Elie Bursztein and Fabian Kaczmarczyck said.”


Malaysia faces shortage of cybersecurity experts

Teh Athira Yusof

https://www.thestar.com.my/news/nation/2023/08/16/malaysia-faces-shortage-of-cybersecurity-experts

Excerpt:

“Malaysia is short of experts in the cybersecurity segment to equip the nation with the recommended amount of industry workers of 27,000 by 2025, says Communications and Digital Minister Fahmi Fadzil.

He said currently there are only 15,248 workers identified as cybersecurity experts in the country.”


Ford Says Wi-Fi Vulnerability Not a Safety Risk to Vehicles

https://www.securityweek.com/ford-says-wi-fi-vulnerability-not-a-safety-risk-to-vehicles/?web_view=true

Ionut Arghire

Excerpt:

“American car maker Ford says that a vulnerability in the Wi-Fi driver of the SYNC 3 infotainment system on certain Ford and Lincoln vehicles does not pose a safety risk.”


CyberDSA 2023: Forging a Resilient Digital Future Through Unprecedented Collaboration

https://www.cybersecurity-review.com/news-august-2023/cyberdsa-2023-forging-a-resilient-digital-future-through-unprecedented-collaboration/

Excerpt:

“The highly anticipated inaugural Cyber Digital Services Defence & Security Asia (CyberDSA) 2023 has officially commenced at the Kuala Lumpur Convention Centre, graced by the Minister of Communications and Digital, YB Fahmi Fadzil. Embracing the theme of “Advancing Digitalisation and Security Through Collaboration,” this three-day expo, running from 15 to 17 August, seeks to create a platform for networking, idea exchange, and forging alliances that will drive the nation towards a more secure digital future.”


Discord.io gets taken down after massive data breach

https://www.msn.com/en-us/news/technology/discordio-gets-taken-down-after-massive-data-breach/ar-AA1fiwkA

Excerpt:

“Discord.io, a third-party service that helps people generate custom invites for their Discord channels, has been hacked, and information on some 760,000 members stolen. The service has since suspended its operations, and the attacker explained that this is actually a ransom attack - with a twist.”


Cl0p Ransomware Gang Revises its Extortion Strategy

https://cyware.com/news/cl0p-ransomware-gang-revises-its-extortion-strategy-848dc9ea

Excerpt:

“Starting on May 27, the gang launched a wave of attacks against 597 organizations by exploiting a zero-day vulnerability in the MOVEit secure transfer file platform. Later, on June 14, it began extorting its victims by adding their names to its Tor data leak site.

However, due to some limitations on the Tor sites, the gang has frequently been adopting new strategies to distribute the stolen data from the MOVEit attack.”


Hong Kong records drop in email phishing cases, but scam drill shows cybersecurity awareness ‘still lacking’

Leopold Chen

https://www.thestar.com.my/tech/tech-news/2023/08/02/hong-kong-records-drop-in-email-phishing-cases-but-scam-drill-shows-cybersecurity-awareness-still-lacking

Excerpt:

“Hong Kong recorded a significant drop in the number of email phishing cases in the first five months of this year, but police have warned public awareness of cybersecurity is still lacking as employees at most companies that took part in an anti-scam drill clicked on dubious links.”