Information

U.K. Cyber Thug “PlugwalkJoe” Gets 5 Years in Prison

Joseph James “PlugwalkJoe” O’Connor, a 24-year-old from the United Kingdom who earned his 15 minutes of fame by participating in the July 2020 hack of Twitter, has been sentenced to five years in a U.S. prison. That may seem like harsh punishment for a brief and very public cyber joy ride. But O’Connor also pleaded guilty in a separate investigation involving a years-long spree of cyberstalking and cryptocurrency theft enabled by “SIM swapping,” a crime…

HashiCorp Buys BluBracket for Secrets Scanning Tech

Cloud infrastructure software firm HashiCorp on Tuesday announced a deal to acquire BluBracket, an early stage startup building technology to help businesses scan for secrets hidden in source code. Financial terms of the acquisition were not released. BluBracket, based in Silicon Valley, raised $18.5 million in venture capital funding from Evolution Equity Partners, Unusual Ventures, Point72 Ventures, SignalFire and Firebolt Ventures. In a statement announcing the acquisition, HashiCorp said BluBracket’s code scanning will complement HashiCorp…

UK hacker busted in Spain gets 5 years over Twitter hack and more

by Naked Security writer

Some hacks become so notorious that they acquire a definite article, even if the word THE ends up attached to a very general technical term. For example, you can probably trot out the names of dozens of well-known internet worms amongst the millions that exist in the zoos maintained by malware collectors. NotPetya, Wannacry, Stuxnet, Conficker, Slammer, Blaster, CodeRed and Happy99 are just a few from the past couple of decades.…

American Airlines, Southwest Airlines Impacted by Data Breach at Third-Party Provider

American Airlines and Southwest Airlines have started informing thousands of pilots that their personal information was compromised in a data breach at Pilot Credentials. A portal managing pilot and cadet recruitment applications on behalf of various airlines, Pilot Credentials informed both companies on May 3 that it had suffered a cyberattack resulting in the compromise of files on its systems. The vendor was breached on or around April 30 and the attackers obtained files containing…

What to know about the MoveIT hack – Week in security with Tony Anscombe

The US government has now announced a bounty of $10 million for intel linking the Cl0p ransomware gang to a foreign government

The US government is now offering a $10 million reward for information linking the Cl0p ransomware gang or other threat actors targeting US critical infrastructure to a foreign government. This is after Cl0p (also known as Clop) exploited vulnerabilities in the MoveIT file transfer platform to steal data from and extort numerous organizations…

Aussie PM says, “Shut down your phone every 24 hours for 5 mins” – but that’s not enough on its own

by Paul Ducklin

The Australian Prime Minister, Anthony Albanese, has apparently advised people Down Under to turn off their mobile phones once a day, for the surprisingly precise period of five minutes, as a cybersecurity measure. UK newspaper The Guardian quotes the PM as saying: We all have a responsibility. Simple things, turn your phone off every night for five minutes. For people watching this, do that every 24 hours, do it while you’re brushing…

NSA Issues Guidance on Mitigating BlackLotus Bootkit Infections

The National Security Agency (NSA) has published technical mitigation guidance to help organizations harden systems against BlackLotus UEFI bootkit infections. The NSA’s recommendations provide a blueprint for defenders to protect systems from BlackLotus, a stealthy malware that emerged on underground forums in late 2022 with capabilities that include user access control (UAC) and secure boot bypass, unsigned driver loading, and prolonged persistence. To disable secure boot, the bootkit exploits a year-old vulnerability in Windows (CVE-2022-21894)…

In Other News: Microsoft Win32 App Isolation, Tsunami Hits Linux Servers, ChatGPT Credentials Exposed on Dark Web

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape. Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and…

CISA Tells US Agencies to Patch Exploited Roundcube, VMware Flaws

The US government’s cybersecurity agency CISA on Thursday added another batch of security flaws to its Known Exploited Vulnerabilities (KEV) catalog and urged federal agencies to patch these issues as a matter of urgency. The already exploited vulnerabilities affect users of the open-source Roundcube webmail server and VMware Aria Operations for Networks. Exploitation of the open-source mail server Roundcube flaws has been linked to Russian state-sponsored attacks against the Ukrainian government and other high-profile entities…

Maltego: Check how exposed you are online

A primer on how to use this powerful tool for uncovering and connecting information from publicly available sources

It’s a truism that personal data is a valuable asset for cybercriminals, as it allows them to tailor and otherwise improve their phishing and other social engineering attacks. The wealth and variety of personal data that is available online is leveraged for attacks and scams that target not only people but also companies. But organizations too can…