Tux Machines

Security Leftovers

Posted by Roy Schestowitz on Feb 25, 2023, updated Feb 25, 2023


Fortinet Shares Clarifications on Exploitation of FortiNAC Vulnerability

=> ↺ Fortinet Shares Clarifications on Exploitation of FortiNAC Vulnerability

Fortinet provides clarifications following ‘sensationalized reports’ related to exploitation attempts targeting the FortiNAC vulnerability CVE-2022-39952.

Ransomware Attack Forces Produce Giant Dole to Shut Down Plants

=> ↺ Ransomware Attack Forces Produce Giant Dole to Shut Down Plants

Dole was forced to shut down systems in North America due to a ransomware attack, which has reportedly led to salad shortages in some grocery stores.

NIST plots biggest ever reform of Cybersecurity Framework

=> ↺ NIST plots biggest ever reform of Cybersecurity Framework

CSF 2.0 blueprint offered up for public review

"Hacker's Mind" Meets Lawyer's Mind

=> ↺ "Hacker's Mind" Meets Lawyer's Mind

Interviewing Bruce Schneier in episode 444 of the Cyberlaw Podcast

Russian national accused of developing, selling malware appears in U.S. court

=> ↺ Russian national accused of developing, selling malware appears in U.S. court

Dariy Pankov faces up to 47 years in prison on charges linked to credential sales and offering access to the NLBrute malware.

Salad shortages reported following ransomware attack on agricultural giant Dole

=> ↺ Salad shortages reported following ransomware attack on agricultural giant Dole

A ransomware attack on multinational agricultural giant Dole plc has caused salad shortages after the company was forced to shut down production facilities in the U.S. Dole disclosed the ransomware attack in a brief statement on Wednesday, saying it moved quickly to contain the threat and engaged outside cybersecurity experts...

Largely undetected malware family targets pirated [sic] macOS applications

=> ↺ Largely undetected malware family targets pirated [sic] macOS applications

Security researchers at Apple Inc. enterprise management firm Jamf Holding Corp. today detailed a largely undetected family of malware that infects pirated macOS applications to mine cryptocurrency secretly. The malware uses XMRig, an open-source command line cryptomining tool commonly used for legitimate purposes, for nefarious intent.

A year after Russia’s invasion, the scope of cyberwar in Ukraine comes into focus

=> ↺ A year after Russia’s invasion, the scope of cyberwar in Ukraine comes into focus

The Ukraine war has inspired a defensive cyber effort that government officials and technology executives describe as unprecedented.

White House cybersecurity strategy to force large companies to make systems secure by design [Ed: So that is effectively a ban on Microsoft products, right?]

=> ↺ White House cybersecurity strategy to force large companies to make systems secure by design

The highly anticipated strategy document aims to deliver security improvements to the broader digital ecosystem.

Stealthy Mac Malware Delivered via Pirated Apps

=> ↺ Stealthy Mac Malware Delivered via Pirated Apps

Cybercriminals are delivering stealthy cryptojacking malware to Macs using pirated apps and they could use the same method for other malware.

Russian Accused of Developing NLBrute Malware Extradited to US

=> ↺ Russian Accused of Developing NLBrute Malware Extradited to US

A Russian malware developer behind the NLBrute brute-forcing tool has been extradited to the United States from Georgia.

The Energy Department’s Puesh Kumar on grid hacking, Ukraine and Pipedream malware

=> ↺ The Energy Department’s Puesh Kumar on grid hacking, Ukraine and Pipedream malware

Puesh Kumar, director of the Office of Cybersecurity, Energy Security, and Emergency Response, discusses how the DOE fends off hackers.

North Korean hackers move $3.2M from Gate.io 2018 hack

=> ↺ North Korean hackers move $3.2M from Gate.io 2018 hack

The majority of $234 million stolen in the attack was already laundered. The recent movements involved funds that were dormant for 4.5 years.

KS: Hutchinson Clinic issues alert concerning December data breach

=> ↺ KS: Hutchinson Clinic issues alert concerning December data breach

Their notice indicates that neither patients nor HHS has been notified as yet.

Chinese security researchers claim to have identified ‘Against The West’ hackers

=> ↺ Chinese security researchers claim to have identified ‘Against The West’ hackers

There’s little doubt that the individuals involved in ATW are pro-West. And some of what is reported about them is consistent with what a spokesperson had told DataBreaches in an April 2022 interview.
AgainstTheWest (“ATW”) had a history on Twitter and Telegram that was replete with drama as members left or split or fought, and as accounts were canceled by platforms.
When the Breached forum opened in early 2022, ATW, who had been on Raid Forums prior to its seizure, joined.

‘Nevada Group’ hackers target thousands of computer networks

=> ↺ ‘Nevada Group’ hackers target thousands of computer networks

A mysterious and unidentified group of hackers has sought to paralyse the computer networks of almost 5,000 victims across the US and Europe, in one of the most widespread ransomware attacks on record. The hacking unit, initially nicknamed the Nevada Group by security researchers, began a series of attacks that started around three weeks ago by exploiting an easily fixed vulnerability in a piece of code that is ubiquitous in cloud servers. The Financial Times contacted several victims identified from the publicly available information. Most declined to comment, saying they had been asked by law enforcement to do so. They include universities in the US and Hungary, shipping and construction groups in Italy and manufacturers in Germany.

Russian Malware Developer Arrested And Extradited To The United States

=> ↺ Russian Malware Developer Arrested And Extradited To The United States

Pankov, a citizen and resident of Russia, was taken into custody by Georgian authorities in the Republic of Georgia, on October 4, 2022, and extradited to the United States pursuant to a request from the United States. Pankov appeared before United States Magistrate Christopher P. Tuite on February 21, 2023, in Tampa, Florida and was ordered detained pending trial.

Three arrested in massive hacking, data theft and blackmail probe; One was a whitehat researcher

=> ↺ Three arrested in massive hacking, data theft and blackmail probe; One was a whitehat researcher

Amsterdam’s cyber crime police team has arrested three young men as part of a major investigation into hacking, data theft, blackmail and money laundering involving the private details of tens of millions of people.

The Good Guys warns of customer data leak - Security - iTnews

=> ↺ The Good Guys warns of customer data leak - Security - iTnews

The Good Guys is the latest company to reveal that some of its customer data leaked in a historical data breach at My Rewards.
According to The Good Guys' notification, the breach occurred at My Rewards, known at the time of the breach as Pegasus Group, a provider of loyalty program software and services.
The Good Guys said only limited data leaked in the breach: names, addresses, phone numbers and email addresses, and in some cases, an encrypted password and date of birth if the customer had provided it.

TELUS investigating leak of stolen source code, employee data

=> ↺ TELUS investigating leak of stolen source code, employee data

Chinese national accused of 2022 mass data leak

=> ↺ Chinese national accused of 2022 mass data leak

An investigation into the leak of 23 million items of personal data, including that of the relatives of Vice President Lai Ching-te (賴清德) and Secretary-General of the National Security Council Wellington Koo (顧立雄), has concluded the hacker responsible was a Chinese national.
In October 2022, an individual using the alias “OKE” listed over 23 million personal data records for sale online that were reportedly Taiwan Household Registration Office records, though the office denied it was the source. The data included people’s ID codes, birthplaces, educational backgrounds, phone numbers, addresses, and names.
