CyberSecurity Updates

Legitimate looking npm packages found hosting TurkoRat infostealer

Despite efforts taken in recent years to proactively monitor public software repositories for malicious code, packages that bundle malware continue to routinely pop up in such places. Researchers recently identified two legitimate-looking packages that remained undetected for over two months and deployed an open-source information-stealing trojan called TurkoRat.

Effective use of typosquatting on malicious npm packages

Attackers attempt to trick users into downloading malicious packages in several ways, and typosquatting is one of…

US Teenager Indicted for Credential Stuffing Attack on Fantasy Sports Website

A Wisconsin teenager has been charged with accessing tens of thousands of user accounts at a fantasy sports and betting website after launching a credential stuffing attack on the site. According to a six-count criminal complaint (PDF), the teenager, Joseph Garrison, of Wisconsin, launched the attack on the betting website on November 18, 2022, accessing roughly 60,000 accounts without authorization. In some cases, the defendant and others added a new payment method to the compromised…

Pimcore Platform Flaws Exposed Users to Code Execution

Security researchers are warning that vulnerabilities patched in the open-source Pimcore platform could have led to the execution of arbitrary code when clicking on a link. A digital experience platform, Pimcore provides data and user experience management capabilities to over 100,000 organizations worldwide. In March 2023, version 10.5.19 of the Pimcore platform resolved two issues that could have been used together to achieve arbitrary code execution, open source software security company Sonar Source says. The…

Guerrilla malware is preinfected on 8.9 million Android devices, Trend Micro says

Cybercrime gang Lemon Group has managed to get malware known as Guerrilla preinstalled on about 8.9 million Android-based smartphones, watches, TVs, and TV boxes globally, according to Trend Micro. The Guerrilla malware can load additional payloads, intercept one-time passwords (OTPs) from SMS texts, set up a reverse proxy from the infected device, and infiltrate WhatsApp sessions. “The infection turns these devices into mobile proxies, tools for stealing and selling SMS messages, social media and online…

Cisco Releases Security Advisory for Small Business Series Switches

Cisco released a security advisory to address multiple vulnerabilities affecting the web-based user interface of certain Cisco Small Business Series Switches. A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition or execute arbitrary code with root privileges on an affected device. CISA encourages users and administrators to review the following advisory and apply the necessary updates: Cisco Small Business Series Switches Buffer Overflow Vulnerabilities. For updates addressing lower severity vulnerabilities, see…

Accessibility should be a cybersecurity priority, says UK NCSC

The UK National Cyber Security Centre (NCSC) has urged businesses and security leaders to make accessibility a cybersecurity priority to help make systems more secure and human errors/workarounds less likely. It can also aid in meeting legal requirements, delivering better operational outcomes, and attracting and retaining more diverse talent, according to the NCSC. However, there are various examples of cybersecurity being presented in a way that is inaccessible for a lot of people, particularly for…

IOTW: Location data of two million customers exposed in Toyota data breach

A cloud misconfiguration in car manufacturer Toyota’s servers may have leaked sensitive information belonging to more than two million customers. The cloud misconfiguration meant that sensitive information for those who subscribed to Toyota services T-Connect, G-Link, G-Link Lite and/or G-BOOK between January 2, 2012 and April 17, 2023 was accessible to unauthorized parties from November 6, 2013 to April 17, 2023. The data includes location information for impacted vehicles and the time the vehicle was at…

What TikTok knows about you – and what you should know about TikTok

As TikTok CEO attempts to placate U.S. lawmakers, it’s time for us all to think about the wealth of personal information that TikTok and other social media giants collect about us.

TikTok CEO Shou Zi Chew has appeared before the U.S. Congress to give his take on the app’s data security and privacy practices and possible links to the Chinese government amid a nationwide discussion about a blanket ban on TikTok in the US. The…

5 useful search engines for internet‑connected devices and services

A roundup of some of the handiest tools that security professionals can use to search for and monitor devices that are accessible from the internet.

Internet security is a constant concern for technology and cybersecurity professionals. With the ever-increasing number of online devices and services, it is important to have a clear and accurate view of the online presence of these devices and services in order to protect them and data against online threats. Some…

S3 Ep135: Sysadmin by day, extortionist by night

by Paul Ducklin

AN INSIDER ATTACK (WHERE THE PERP GOT CAUGHT)

With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge.

READ THE TRANSCRIPT

DOUG. Inside jobs, facial recognition, and the “S”…
