Cybersecurity News
A Cybersecurity briefing on noteworthy Cyber Attacks, Vulnerabilities, and InfoSec news.
Noteworthy Cyber Attacks Reported
Crypto exchange Gemini was targeted in a phishing attack after hackers successfully extracted personal information of its customers from an unnamed third-party vendor. Security experts found phone numbers and email addresses of its 5.7 million users available for sale on different hacker forums. Customers’ account data and its systems have not been impacted. - Crypto is getting beat up pretty badly this year and this certainly does not help the current image/sentiment. https://www.bleepingcomputer.com/news/security/hackers-leak-personal-info-allegedly-stolen-from-57m-gemini-users/
The FBI, the FDA OCI, and the USDA have released a joint Cybersecurity Advisory (CSA) detailing recently observed incidents of criminal actors using business email compromise (BEC) to steal shipments of food products and ingredients valued at hundreds of thousands of dollars. The joint CSA analyzes the common tactics, techniques, and procedures (TTPs) utilized by criminal actors to spoof emails and domains to impersonate legitimate employees and order goods that went unpaid and were possibly resold at devalued prices with labeling that lacked industry standard “need-to-knows” (i.e., necessary information about ingredients, allergens, or expiration dates). https://www.cisa.gov/uscert/ncas/current-activity/2022/12/16/fbi-fda-oci-and-usda-release-joint-cybersecurity-advisory
Social media analytics platform Social Blade has confirmed they suffered a data breach after its database was breached and put up for sale on a hacking forum. The hacker claimed the stolen database held 5.6 million records and shared samples of the exfiltrated data, including IP addresses, emails, database structure, etc. https://www.bleepingcomputer.com/news/security/social-blade-confirms-breach-after-hacker-posts-stolen-user-data/?&web_view=true
Noteworthy Vulnerabilities / Threats Discovered
Mandiant identified an operation focused on the Ukrainian government via trojanized Windows 10 Operating System installers. These were distributed via torrent sites in a supply chain attack. - Mandiant provides good detail and insight into the capabilities and sophistication of these attacks. https://www.mandiant.com/resources/blog/trojanized-windows-installers-ukrainian-government
CISA has released forty-one (41) Industrial Control Systems (ICS) advisories on 15 December 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. https://www.cisa.gov/uscert/ncas/current-activity/2022/12/15/cisa-releases-forty-one-industrial-control-systems-advisories
Noteworthy InfoSec News
Push notification fatigue is a major concern for MFA and should be replaced. Microsoft plans to enable the new "number matching" MFA method for ALL tenants by Feb '23, so if you use O365, you should read this. https://learn.microsoft.com/en-us/azure/active-directory/authentication/how-to-mfa-number-match
The US Senate passed a bill on Wednesday banning federal employees from using the TikTok app on devices provided by the government. "TikTok is a Trojan Horse for the Chinese Communist Party. It's a major security risk to the United States, and until it is forced to sever ties with China completely, it has no place on government devices," Hawley said in a statement, commenting on the news. "States across the US are banning TikTok on government devices. It's time for Joe Biden and the Democrats to help do the same." The bill still needs to receive approval from the US House of Representatives before the end of the current congressional session (expected next week). Only then will it be presented to President Joe Biden for approval. https://www.infosecurity-magazine.com/news/us-senate-ban-tiktok-govtv-devices/?&web_view=true
Check our Twitter and Discord Server for more information:
If you missed yesterday's rundown, check it out here:
Additional resources:
Direct link to the bill - S.3455 - No TikTok on Government Devices Act 116th Congress (2019-2020) https://www.congress.gov/bill/116th-congress/senate-bill/3455
