News
Hi friends!
It's a quick version this week, and a day early. I'm in over my ears with training, travel, and a long weekend off. Fortunately all good things :-)
As a reminder, a "quick" version is where I gather the stories that I found interesting, but I use the default summaries provided by the news sites themselves.
Enjoy!
All Okta support system customers caught in previously disclosed breach
The single sign-on provider significantly widened the scope of the attack two months after customers first reported suspicious activity on their Okta environments.
New BLUFFS attack lets attackers hijack Bluetooth connections
Researchers at Eurecom have developed six new attacks collectively named 'BLUFFS' that can break the secrecy of Bluetooth sessions, allowing for device impersonation and man-in-the-middle (MitM) attacks.
Google Drive users angry over losing months of stored data
Google Drive users are reporting that recent files stored in the cloud have suddenly disappeared, with the cloud service reverting to a storage snapshot as it was around April-May 2023.
Escape: automated API discovery and security
You can't secure what you can't see, right? Explore Escape's powerful combination of agentless and automated API discovery and security scanning. Start uncovering business-logic flaws with the help of AI at scale. (Sponsored)
Microsoft deprecates Defender Application Guard for Office
Microsoft is deprecating Defender Application Guard for Office and the Windows Security Isolation APIs, and it recommends Defender for Endpoint attack surface reduction rules, Protected View, and Windows Defender Application Control as an alternative.
Black Basta ransomware group generates $100M+ since 2022
Assumed Conti offshoot averages 7 figures for each successful attack but may have issues with, er, 'closing deals'
Police dismantle ransomware group behind attacks in 71 countries
In cooperation with Europol and Eurojust, law enforcement agencies from seven nations have arrested in Ukraine the core members of a ransomware group linked to attacks against organizations in 71 countries.
Microsoft's bug bounty turns 10, but are we any more secure?
Katie Moussouris, who pioneered Redmond's program, says folks are focusing on the wrong thing.
Ahead of 2024 election, Meta worries about lack of information on nation-state covert operations
Russia, Iran and China are likely to conduct influence operations via fake social media accounts ahead of the 2024 election, a new Meta report says.
Hackers don’t stop testing. Neither should you.
If you think doing a quick pentest every few quarters isn’t enough, you are correct. GlitchSecure combines continuous vulnerability assessments with real-time pentesting - all verified by highly skilled (and wonderful) humans in a user-friendly platform. (Sponsored)
Breaches and leaks
Long-time readers of this newsletter know that I get very worked up when drinking-water utilities get attacked. This week saw two of those... eye twitch.
- Pennsylvania water authority hit with cyberattack allegedly tied to pro-Iran group: link.
- North Texas water utility serving 2 million hit with cyberattack: link.
And then of course, there's the rest:
- Japan's space agency hit by cyberattack: link.
- Dollar Tree hit by third-party data breach impacting 2 million people: link.
- Vanderbilt University Medical Center investigating cybersecurity incident: link.
- Cyberattack on IT provider CTS impacts dozens of UK law firms: link.
- Cyberattackers leaked data of 27,000 NYC Bar Association members: link.
- General Electric investigates claims of cyber attack, data theft: link.
- Slovenia's largest power provider HSE hit by ransomware attack: link.
- Ardent hospital ERs disrupted in 6 states after ransomware attack: link.
- New Jersey, Pennsylvania hospitals affected by cyberattacks: link.
- Ukraine says it hacked Russian aviation agency, leaks data: link.
- Healthcare giant Henry Schein hit twice by BlackCat ransomware: link.
- Ransomware attack on Ethyrial MMO wiped all player accounts: link.
- DP World confirms data stolen in cyberattack, no ransomware used: link.
- Qilin ransomware claims attack on automotive giant Yanfeng: link.
- British Library contacts users after Rhysida leaks data: link.
- English council spent £1.1 million recovering from ransomware attack: link.
- KyberSwap says $54.7 million of user cryptocurrency stolen during attack: link.
Unlock any CLI with your fingerprint
With 1Password Shell Plugins, you can forget about storing insecure plaintext keys on your disk or manually typing credentials into your terminal, and instead sign on to any CLI with biometrics. Use an existing plugin for AWS, GitHub, GitLab, or dozens of other services. (Sponsored)