InfoSec News 20240110
Top News
-
FTC Bans Outlogic (X-Mode) From Selling Sensitive Location Data
"The U.S. Federal Trade Commission (FTC) on Tuesday prohibited data broker Outlogic, which was previously known as X-Mode Social, from sharing or selling any sensitive location data with third-parties."
TLP1 : Green
-
X: Compromised phone number caused SEC hack that led to false bitcoin post
"Social media platform X said that the Security and Exchange Commission's account was compromised due to a third party gaining access to a related phone number."
TLP1 : Green
-
Member of notorious international hacking crew sentenced to prison
"A 22-year-old French citizen from Epinal, France, was sentenced today in U.S. District Court in Seattle to three years in prison and more than $5 million in restitution for conspiracy to commit wire fraud and aggravated identity theft, announced Criminal Chief Sarah Vogel for the Western District of Washington."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
AI is helping US spies catch stealthy Chinese hacking ops, NSA official says
"Artificial intelligence and machine learning technologies are helping the National Security Agency and other U.S. government agencies detect malicious Chinese cyber activity, a top U.S. intelligence official said in remarks on Tuesday that indicate how U.S. security agencies are using the technology to improve computer defenses."
TLP1 : Green
-
Hackers hit Moscow internet provider in response to Kyivstar cyber attack - source
"Hackers linked to Ukraine’s main spy agency have breached computer systems at a Moscow-based internet provider in retaliation for a Russian cyber attack against Ukrainian telecom giant Kyivstar, a source with direct knowledge of the operation told Reuters on Tuesday."
TLP1 : Green
-
China claims it has cracked Apple's AirDrop encryption to identify senders and monitor 'inappropriate speech'
"Chinese officials claim a Beijing company has cracked Apple's AirDrop encryption, a development that could enable police to trace dissidents who've used the app to spread anti-government messages."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
FNF data breach that affected 1.3 million customers confirmed
"The FNF data breach has been confirmed, and now it is official that 1.3 million people’s information is in the hands of bad actors. Here are all the details about the FNF data breach!"
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days,Patches and Exploits
-
Turkish Hackers Exploiting Poorly Secured MS SQL Servers Across the Globe
"Poorly secured Microsoft SQL (MS SQL) servers are being targeted in the U.S., European Union, and Latin American (LATAM) regions as part of an ongoing financially motivated campaign to gain initial access."
TLP1 : Green
-
CISA Flags 6 Vulnerabilities - Apple, Apache, Adobe , D-Link, Joomla Under Attack
"The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added six security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
Getting off the Attack Surface Hamster Wheel: Identity Can Help
"IT professionals have developed a sophisticated understanding of the enterprise attack surface – what it is, how to quantify it and how to manage it."
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
Free Decryptor Released for Black Basta and Babuk's Tortilla Ransomware Victims
"A decryptor for the Tortilla variant of the Babuk ransomware has been released by Cisco Talos, allowing victims targeted by the malware to regain access to their files."
TLP1 : Green
1Traffic Light Protocol (TLP) [1] for information sharing:
- Red:Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants organizations.
- Green: Limited disclosure, restricted to the community.