Meta confirms ‘Project Waterworth,’ a global subsea cable project spanning 50,000 kilometers | TechCrunch - Meta will string a cable connecting the US, Brazil, India, South Africa, and elsewhere. The US Gov’t has committed to the Indian government to assist in this project. Meta-owned Facebook and Insta currently account for 10% of all fixed-internet traffic, and 22% of all mobile traffic.
Valve removes Steam game that contained malware | TechCrunch - Constant vigilance. A Steam game was released with malware and removed after an unknown number of downloads. Anti-cheat and other game systems often have deep access to system components. Steam has recommended wiping your hard drive and reimaging.
AUKUS blasts holes in LockBit’s bulletproof hosting provider • The Register - Bulletproof hosts often exist outside the reach of governments, but sanctions can be helpful. Bulletproof hosts stand up infrastructure in non-extradition countries, or countries with low technical law enforcement capabilities.
Coast Guard falls short on maritime cybersecurity, GAO says • The Register - Ports are insecure, people aren’t employed in key roles, and CG can’t access its cyber-audit data.
Microsoft fingers Russia’s Sandworm in US, UK attacks • The Register - Russia has been busy since 2021 with their BadPilot campaign. This campaign sees threat actors deploy Tor onion services onto users’ computers to maintain persistent access and to prevent security teams from investigating.
Arizona woman pleads guilty in $17M North Korean IT scam • The Register - Ms. Chapman helped scam 300 US companies with 70 different identities, resulting in $17m in profit for N. Korea. The NK threat actors even went as far as to deploy on-the-fly deepfake technology to match individuals being interviewed. NK has pocketed around $90m in 6 years using these techniques.
Sarcoma ransomware claims breach at giant PCB maker Unimicron - Taiwan’s 53rd largest company is being ransomwared by the group Sarcoma. Unimicron, a printed circuit board manufacturer, could see market disruptions over the next few weeks. Unimicron is one of the largest integrated circuit manufacturers in the world, alongside names like Micron, TSMC, Foxconn.
Microsoft spots XCSSET macOS malware variant used for crypto theft - Threat actors are targeting developers, making use of Xcode projects to deliver the malware. Once a malicious Xcode project is downloaded, XCSSET has multiple modules to parse data on the system, collect sensitive information, and exfiltrate it. The type of data targeted includes logins, info from chat applications and browsers, the Notes app, digital wallets, system information and files.
Chase will soon block Zelle payments to sellers on social media - Almost 50% of all Chase customer scam reports from June to December 2024 originated from social media. Chase, Bank of America, and Wells Fargo were the subject of a Consumer Financial Protection Bureau lawsuit, in which prosecutors asserted the Zelle product was rushed to market without proper consumer safeguards. This resulted in $880m in scammed funds. The CFPB was shut down on February 10th by Trump’s DOGE.
Google Confirms Android SafetyCore Enables AI-Powered On-Device Content Classification - Google and others claim SafetyCore is not client-side scanning, as some intelligence and law enforcement agencies have previously requested. Rather, SafetyCore will allow on-device machine learning to expose an API apps can use to determine if content or messaging is malicious.
New FrigidStealer Malware Targets macOS Users via Fake Browser Updates - Users may visit webpages that cause a pop-up to harvest user passwords and install FrigidStealer malware. The malware will then rob your notes, your keychain, etc… Likely to facilitate the theft of crypto and other sensitive data.
Juniper Session Smart Routers Vulnerability Could Let Attackers Bypass Authentication - Juniper routers have an auth bypass vuln of between CVSS 9.3-9.8 depending on circumstances. Juniper recommends patching immediately and is not aware of any in-the-wild attacks.
Chinese hackers breach more US telecoms via unpatched Cisco routers - These ongoing attacks have already resulted in network breaches at multiple telecommunications providers, including a U.S. internet service provider (ISP), a U.S.-based affiliate of a U.K. telecommunications provider, a South African telecom provider, an Italian ISP, and a large Thailand telecommunications provider. CISA investigators into Salt Typhoon were fired 2 days after President Trump started his second term.
North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack - NK threat actors build rapport with victims over time, then provide them with instructions to “register” their computer. Victims are convinced to copy/paste and execute a PowerShell snippet that downloads remote access tools (RATs) and gives the threat actor access to the device. Oddly, this same technique was used in the Contagious Interview campaigns against macOS users.
whoAMI attacks give hackers code execution on Amazon EC2 instances - Terraform and other code or API calls that use the “Latest” option, or an unnamed owner, are likely to fall victim to the attack.