News
Hi friends,
Merry Friday to you all! I'm pinching this one in between two study sessions, as will be the case for the next few weeks. Or months. So it's a bit on the quick side, but I do what I can :-)
There's a lot of extremely interesting (and horrifying) news this week, so I hope you can take the time to read up on it. And that me pre-selecting some of it makes that easier. Good reading to you all!
Cheers,
How did Israel’s Mossad plan the Hezbollah pager cyberattack? Here's what we know so far.
Clearly the biggest news of this week. I'm surprised that my default security news sources aren't discussing this. It might not be hacking in the strictest sense, but it's definitely hacking-related and for sure one hell of a supply-chain attack.
23andMe to pay $30 million in genetics data breach settlement
"23andMe denies any wrongdoing whatsoever, and this Agreement shall in no event be construed or deemed to be evidence of or an admission or concession on the part of 23andMe with respect to any claim of any fault or liability or wrongdoing or damage whatsoever."
If you're wondering what that noise is, it's the sound of my gears grinding.
"23andMe has also agreed to strengthen its security protocols, including protections against credential-stuffing attacks, mandatory two-factor authentication for all users, and annual cybersecurity audits. The company must also create and maintain a data breach incident response plan and stop retaining personal data for inactive or deactivated accounts."
No shit.
Quick stories
- Unexplained ‘Noise Storms’ flood the Internet, puzzle experts: link.
- 'GitHub Scanner' e-mail notifications push malware: link.
- Discord rolls out end-to-end encryption for audio, video calls: link.
- Europol takes down "Ghost" encrypted messaging platform used for crime: link.
- Ukraine bans Telegram on state and military devices: link.
- Ever wonder how crooks get the credentials to unlock stolen phones?: link.
Breaches and leaks
- RansomHub claims Kawasaki cyberattack, threatens to leak stolen data: link.
- TfL requires in-person password resets for 30,000 employees after hack: link.
- AT&T settles a 2023 data breach for $13M: link.
- Chinese spies spent 4 months in aerospace firm’s server: link.
- Construction firms breached in brute force attacks on accounting software: link.
- Temu denies breach after hacker claims theft of 87 million data records: link.
- Russian security firm Dr.Web disconnects all servers after breach: link.
Issues and fixes
- D-Link fixes critical RCE, hardcoded password flaws in WiFi 6 routers: link.
- Exploit code released for critical Ivanti RCE flaw, patch now: link.
- Ivanti warns of another critical CSA flaw exploited in attacks: link.
- Over 1,000 ServiceNow instances found leaking corporate KB data: link.
- Broadcom fixes critical RCE bug in VMware vCenter Server: link.
- GitLab releases fix for critical SAML authentication bypass flaw: link.
- CISA warns of actively exploited Apache HugeGraph-Server bug: link.
1Password for developers: secrets, SSH keys, and more
I don't think most developers realise how valuable 1Password can be. It doesn't just hold passwords, it also holds your SSH keys, signs your Git commits, injects tokens and other secrets into CLI scripts when you want, and much more. (Sponsored)