Welcome to the 200th issue of this little newsletter!
Oof, I have a hard time believing it's been that many. I went back to look when the first issue was sent, turns out it was December 2nd, 2016. More than six years ago, with two long breaks in between.
If you're curious, you can still read that first issue here. Nice to see that the format hasn't changed much, only now I babble a bit before getting to the news ^^
Thank you all for reading what I write, and thank you for the wonderful messages of support and feedback that I've received over the years.
Have a wonderful day!
Breaches and leaks
- MCNA, a US government-sponsored provider of dental healthcare, had a ransomware breach impacting 9 million clients: link.
- Harvard Pilgrim Health Care, a Massachusetts-based non-profit health services provider, disclosed a ransomware breach impacting 2.5 million clients: link.
- ABB confirms it was hit by ransomware: link.
- The city of Augusta, Georgia was breached: link.
- Toyota reported that they found another data leak: link.
- Several crypto-related Discord communities were hacked through a malicious bookmarklet acting as a verification step: link.
- SuperVPN had a database with 360 million records exposed: link.
- RaidForums, a notorious hacking and data leak forum, had a database of its own leaked. Always interesting when that happens: link.
Researchers warn of backdoor (sort of) in Gigabyte motherboards
Researchers found that the firmware on many Gigabyte motherboards pulls in payloads from Gigabyte servers over an insecure connection and without signature validation. There was some press about it being a "deliberate backdoor", but it sounds like it's more just a badly implemented firmware update check that might be abused by attackers down the line. The linked article gives a more nuanced view. Gigabyte is releasing a fix to address the issues.
Russian FSB accuses U.S. of hacking thousands of iPhones in Russia
I don't really take whatever the FSB says for granted but also perfectly assume that this might happen, sure. Interesting to read either way.
Emby shuts down compromised user media servers
Interesting action to take. Emby noticed several instances that were compromised due to a malicious plugin. They pushed out an update that detects and removes the plugin, and when detected it shuts down the instance to prevent any further foothold by the attackers and to draw the attention of the admins.
Security.txt now mandatory for Dutch government websites
Nice move. I have some mixed experiences with security.txt files, but all in all it's a pretty good thing to have. Hacker News thread on this here.
PyPI to mandate 2FA by the end of 2023
By December 2023 it will be mandatory for accounts that maintain a project or organisation. The mandate is part of a larger effort to prevent account takeover attacks. A bit overdue, I would say, but a good improvement nonetheless.
Google temporarily offering $180,000 for full chain Chrome exploit
Google is temporarily tripling its bug bounty reward for a full chain exploit leading to a sandbox escape in the Chrome browser. If you're into this sort of thing, get cracking :-)
Moonlighter, the world’s first hacking test bed in space
Moonlighter is a small satellite that will soon be launched, meant specifically to serve as a hacking sandbox. It will be part of Hack-A-Sat 4, an annual challenge, where finalists will get the chance to hack the satellite in orbit during DEFCON in August.
The strange story of the teens behind the Mirai botnet
A somewhat longer, interesting read and a trip down memory lane. Pairs well with some coffee.
From 1Password, to No Password?
Remembering one strong password isn't all that difficult, but there is still the risk that it might be phished or keylogged. Passkeys on the other hand remove that risk entirely, and 1Password will soon allow you to use a passkey to unlock your vault. Very exciting stuff. (Sponsored)