It's a quick version this week, where I gather the usual highlights but use the default summaries. I passed my exam, and am off to a weekend with friends for a nicely timed celebration :-)
Have a good one!
Federal agencies urged immediate action by critical infrastructure providers and tech manufacturers to protect against malicious threat activity from Volt Typhoon.
Related stories this week on Volt Typhoon:
- Chinese hackers hid in US infrastructure network for 5 years: link.
- Chinese hackers fail to rebuild botnet after FBI takedown: link.
A widely reported story that 3 million electric toothbrushes were hacked with malware to conduct distributed denial of service (DDoS) attacks is likely a hypothetical scenario instead of an actual attack.
Google said Tuesday that it is tracking at least 40 companies involved in the creation of spyware and other hacking tools that are sold to governments and used against “high risk” users, including journalists, human rights defenders and dissidents.
Escape's security team scanned nearly 200 million URLs and found more than 18,000 exposed API secrets and $20 million in Stripe tokens. The report is well worth a read, going deep into their methodology, the development of their web spider, the cost of the process, and of course their findings. Nice work! (Sponsored)
Microsoft is bringing the Linux 'sudo' feature to Windows Server 2025, offering a new way for admins to elevate privileges for console applications.
Stepped up coordination among Iranian cyber actors may improve their ability to hit U.S. critical infrastructure, Microsoft researchers say.
Cyber and national security advisor Anne Neuberger says the White House is exploring the use of watermarking to better identify and disclose computer-generated images.
Breaches and leaks
- Lurie Children's Hospital took systems offline after cyberattack: link.
- AnyDesk says hackers breached its production servers, reset passwords: link.
- Clorox says cyberattack caused $49 million in expenses: link.
- HPE investigates new breach after data for sale on hacking forum: link.
- Verizon insider data breach hits over 63,000 employees: link.
- Data breach at French healthcare services firm puts millions at risk: link.
- DDoS attack on Pennsylvania court system knocks out filing systems, bail payment site: link.
- Iran-linked hackers claim attack on Albania's Institute of Statistics: link.
- Finance worker pays out $25 million after video call with deepfake ‘chief financial officer’: link.
- Chinese hackers infect Dutch military network with malware: link.
- New Hampshire authorities trace Biden AI robocall to Texas-based telecom: link.
Issues and fixes
- Mastodon vulnerability allows attackers to take over accounts: link.
- Newest Ivanti SSRF zero-day now under mass exploitation: link.
- JetBrains warns of new TeamCity auth bypass vulnerability: link.
- Critical flaw in Shim bootloader impacts major Linux distros: link.
- Critical Cisco bug exposes Expressway gateways to CSRF attacks: link.
- Fortinet warns of new FortiSIEM RCE bugs in confusing disclosure: link.
I'm not going to write a long marketing-heavy paragraph on this one. I just love using 1Password. The UX, the support, the integrations, it all works wonderfully. Highly recommended. (Sponsored)