USCIS mulls policing social media of all would-be citizens • The Register - Social Media assessment that started under the Obama White House will be extended to all resident and documented aliens. Moves the social media scanning from before entry to all immigrants.
Badbox is back and a million Android devices were backdoored • The Register - Infected Android machines part of extensive botnet. Devices exploiting residential IP space to serve malicious ads.
Open-source tool ‘Rayhunter’ helps users detect Stingray attacks - New EFF (Electronic Frontier Foundation) tool uses portable cellular routers to detect IMSI catchers or “StingRays” (https://github.com/EFForg/rayhunter)
Ransomware gang encrypted network from a webcam to bypass EDR - Threat actors pivot to webcam and use SMB share mounting to effectively encrypt and ransom the company.
Undocumented commands found in Bluetooth chip used by a billion devices - If it sounds like the sky is falling, well…actually sometimes it is. But in this case, it's not as bad as it sounds. People with physical access to the chips can access the code on the chip. But if a Bluetooth implementation were handled incorrectly, this could be big business for bad guys.
US seizes $23 million in crypto linked to LastPass breaches - LastPass, the Energizer Bunny of breaches, just keeps going and going.
India wants cloud and email backdoors for tax authorities • The Register - Indian tax authorities would have the right to access “Any website used for storing details of ownership of any asset;” including email, social media, investment accounts, and remote servers, and to break down doors and crack safes.
Sidewinder shifts to targeting of nuclear, maritime orgs • The Register - Sidewinder, an India-based hacking group, has started targeting nuclear, maritime, and port authority organizations in South Asia, China, Pakistan, Sri Lanka, and Africa.
Allstate sued for exposing personal info in plaintext • The Register - Be careful when building online tools about what information you expose to which individuals; it could be costly.
US cities warn of wave of unpaid parking phishing texts - Annapolis, Boston, Greenwich, Denver, Detroit, Houston, Milwaukee, Salt Lake City, Charlotte, San Diego, San Francisco, and others.
Malicious Chrome extensions can spoof password managers in new attack - A Chrome extension can list other extensions, disable or hide them, and change its display name, icon, and text to match discovered password managers. It then reverts all the changes.
X hit by ‘massive cyberattack’ amid Dark Storm’s DDoS claims - X is back up after moving behind Cloudflare DDoS protection. Pro-Palestinian group Dark Storm has been claiming responsibility for the attack, though most grassroots efforts usually turn out to be government-backed.
Trump nominates Sean Plankey as new CISA director | TechCrunch - Plankey has several years of experience working for the U.S. government. In 2013, Plankey gave cybersecurity support to U.S. forces deployed in Afghanistan, then worked at U.S. Cyber Command, the U.S. Coast Guard, and the U.S. Navy. He also worked in the previous Trump administration as a director for cyber policy on the White House’s National Security Council and later at the Department of Energy, according to Plankey’s LinkedIn.
FTC will send $25.5 million to victims of tech support scams - FTC will send 736,375 PayPal payments starting March 13 to consumers tricked into paying for unnecessary computer repair services. Between now and March 13, those eligible for a refund will receive an email and must redeem the PayPal payment within 30 days.
Developer sabotaged ex-employer IT systems with kill switch • The Register - Insider threat, dead man’s switches, and homegrown malware. If David Not Employed == True; Tank employer
Apple takes UK to court over ‘backdoor’ order • The Register - Apple fighting back over Advanced Data Protection order.
UK quietly scrubs encryption advice from government websites | TechCrunch - After attacking Apple’s ADP, UK removes recommendations to enable ADP for barristers, solicitors, and legal professionals, as well as other at-risk individuals.
Justice Department charges Chinese hackers-for-hire linked to Treasury breach | TechCrunch - Hackers charged in absentia, but $10m and $2m rewards available if you can catch them!
Silk Typhoon targeting IT supply chain | Microsoft Security Blog - Threat actors are breaking into anything possible to steal API keys and pivot access, instead of using normal CVEs. This changes our threat landscape and where we have to defend from.
FBI says scammers are targeting US executives with fake BianLian ransom notes | TechCrunch - Ransom Notes…by mail?