I hope you all had a good weekend! Nothing much to add to today's issue. I just hope you enjoy it :-)
Breaches and leaks
- US soldiers expose nuclear weapons secrets via flashcard apps. I'm bookmarking this as one of those "this is why security is hard" stories. link.
- Japanese government agencies suffer data breaches after Fujitsu hack: link.
- Belgian government discovers old 2019 hack during Hafnium investigation: link.
- Crime app Citizen exposed users' COVID data: link.
- Canada Post hit by data breach after supplier ransomware attack: link.
- Klarna mobile app bug let users log into other customers' accounts: link.
- Audio maker Bose discloses data breach after ransomware attack: link.
Patch 'em if you got 'em
- Apple fixes three zero-days, one abused by XCSSET macOS malware: link.
- SonicWall urges customers to 'immediately' patch NSM On-Prem bug: link.
- VMware warns of critical remote code execution hole in vCenter: link.
The new rules will force pipeline operators to report any cybersecurity incidents to CISA and hire cybersecurity coordinators who can be on call 24/7.
Troy is starting the process with open sourcing the "Has this password been in breaches before" component. Also, the FBI will now start feeding compromised passwords they find in investigations into HIBP.
There are now at least 16 malware families designed to compromise Pulse Secure VPN products.
Uptycs' threat research team has observed several instances of Linux malware where the attackers leverage the inbuilt commands and utilities for a wide range of malicious activities. This post takes a close look at those and how you can use Uptycs to detect them. (Sponsored)
Microsoft states that a Russian hacking group used four new malware families in recent phishing attacks impersonating the United States Agency for International Development (USAID).
Google reveals a new Rowhammer attack that exploits the design of ever-shrinking and more dense DRAM chips. The article describes Rowhammer pretty well too, which is nice.
Interesting to know that there are companies now who specialise in providing faster decryptors. What an interesting dynamic too between criminal economies like ransomware and legit new business models that grow around it.
Interesting post by Bruce Schneier where he argues that cloud providers have become part of the national infrastructure, and should be treated as such.
Nothing super new but it's a nice read on the ransomware world.
If you, like me, have a soft spot for where cybersecurity meets finance and money laundering, this is a good read. It never ceases to fascinate me how illegally gained money can move through the system.
1Password just released a big update, providing biometric unlock, dark mode, and a new save experience. Worth checking out! (Sponsored)