InfoSec News 20240202
Top News
-
White House Seeks Ideas on Boosting AI Privacy
"The Biden administration is contemplating updating for the artificial intelligence age the privacy guidance that federal agencies must follow before activating new systems or adding a new collection of personal identifiable information to existing information technology systems."
TLP1 : Green
-
Russian spies impersonating Western researchers in ongoing hacking campaign
"Hackers working for Russia’s intelligence services are impersonating researchers and academics in an ongoing campaign to gain access to their colleagues’ email accounts, according to messages and files seen by Recorded Future News and independently analyzed by two cybersecurity companies."
TLP1 : Green
-
PurpleFox malware infects thousands of computers in Ukraine
"The Computer Emergency Response Team in Ukraine (CERT-UA) is warning about a PurpleFox malware campaign that has infected at least 2,000 computers in the country."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
Crime bosses behind Myanmar cyber ‘fraud dens’ handed over to Chinese government
"Myanmar authorities handed over to the Chinese government 10 suspects accused of involvement in the organized cyber fraud industry, including the heads of three prominent crime families."
TLP1 : Green
-
US announces another arrest in BTC-e cybercrime case
"A Belarusian and Cypriot national allegedly connected with the defunct cryptocurrency exchange BTC-e is in U.S. custody and faces charges related to money laundering, federal prosecutors said Thursday."
TLP1 : Green
-
India-linked hackers target Pakistan with spyware in new campaign
"Suspected Indian state-sponsored hackers have used romance scams to lure victims in Pakistan into installing malicious apps, infecting their devices with spying malware, according to new research."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
How 2023 Broke Long-Running Records for Health Data Breaches
"Last year, a record number of major health data breaches - 734 breaches - affecting a record number of individuals - nearly 135.3 million - were reported to U.S. federal regulators. That's equal to more than 40% of the U.S. population having their protected health information compromised in a single year."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
FritzFrog botnet is exploiting Log4Shell bug now, experts say
"A variant of a long-running botnet is now abusing the Log4Shell vulnerability but is going beyond internet-facing applications and is targeting all hosts in a victim’s internal network."
TLP1 : Green
-
Exposed Docker APIs Under Attack in 'Commando Cat' Cryptojacking Campaign
"Exposed Docker API endpoints over the internet are under assault from a sophisticated cryptojacking campaign called Commando Cat."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
Exploring the Latest Mispadu Stealer Variant
"Unit 42 researchers recently discovered activity attributed to Mispadu Stealer, a stealthy infostealer first reported in 2019. We found this activity as part of the Unit 42 Managed Threat Hunting offering. We discovered this threat activity while hunting for the SmartScreen CVE-2023-36025 vulnerability."
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
Zero trust implementation: Plan, then execute, one step at a time
"You’ve probably heard it before: zero trust is not a single product, but a security strategy that follows the principle of “never trust, always verify”. As such, it requires a customized approach, which can be quite complicated and might require additional staff."
TLP1 : Green
-
ApateWeb: An Evasive Large-Scale Scareware and PUP Delivery Campaign
"Unit 42 researchers discovered a large-scale campaign we call ApateWeb that uses a network of over 130,000 domains to deliver scareware, potentially unwanted programs (PUPs) and other scam pages. Among these PUPs, we have identified several adware programs including a rogue browser and different browser extensions."
TLP1 : Green
1 Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.