Ransomware gang leaks data from Stanford, Maryland universities
www.bleepingcomputer.com/news/security/ransomware-gang-leaks-data-from-stanford-maryland-universities/ Personal and financial information stolen from Stanford Medicine, University of Maryland Baltimore (UMB), and the University of California was leaked online by the Clop ransomware group. Data stolen in the attack targeting Stanford Medicine’s Accellion server includes names, addresses, email addresses, Social Security numbers, and financial information, reported the Stanford Daily.
GitHub Actions being actively abused to mine cryptocurrency on GitHub servers
www.bleepingcomputer.com/news/security/github-actions-being-actively-abused-to-mine-cryptocurrency-on-github-servers/ The particular attack adds malicious GitHub Actions code to repositories forked from legitimate ones, and further creates a Pull Request for the original repository maintainers to merge the code back, to alter the original code. BleepingComputer also observed the malicious code loads a misnamed crypto miner npm.exe from GitLab and runs it with the attacker’s wallet address.
Phone numbers for 533 million Facebook users leaked on hacking forum
therecord.media/phone-numbers-for-533-million-facebook-users-leaked-on-hacking-forum/amp/ A threat actor has published the phone numbers and account details for an estimated 533 million Facebook users, about a fifth of the entire social network’s user pool, on a publicly accessible cybercrime forum. Information leaked today includes Facebook ID numbers, profile names, email addresses, location information, gender details, job data, and anything else users might have entered in their profiles. The dump includes 1,381,569 users from Finland.
GitHub Arctic Vault likely contains leaked MedData patient records
www.bleepingcomputer.com/news/security/github-arctic-vault-likely-contains-leaked-meddata-patient-records/ GitHub Arctic Code Vault has likely captured sensitive patient medical records from multiple healthcare facilities in a data leak attributed to MedData. The private data was leaked on GitHub repositories last year whose contributors carry the “Arctic Code Vault” badge.
Mind the Gap: How the NSA might use SolarWinds campaign to do warrantless spying
zetter.substack.com/p/mind-the-gap-how-the-nsa-might-use Officials have said the SolarWinds hacking campaign succeeded in part because of a gap in NSA surveillance power. Referring to this as an intelligence “blind spot,” a “domestic visibility” issue, and an authorities “gap,” officials appear to be setting the stage to seek new powers for the NSA or another agency to conduct domestic surveillance.
AMD Publishes Security Analysis Of Zen 3 “PSF” That Could Possibly Lead To A Side-Channel Attack
www.phoronix.com/scan.php?page=news_item&px=AMD-PSF-Security-Analysis AMD researchers believe the impact of bad PSF speculation is similar to that of Spectre V4 (Speculative Store Bypass) and is of particular concern for untrusted code being executed within a sandbox/isolation. AMD is not aware of any code that would be considered vulnerable to PSF behavior and says the risk with PSF is “likely low”, but it did provide guidance on disabling the Predictive Store Forwarding behavior.
QNAP caught napping as disclosure delay expires, critical NAS bugs revealed
www.theregister.com/2021/04/02/qnap_bug_nas/ Some QNAP network attached storage devices are vulnerable to attack because of two critical vulnerabilities, one that enables unauthenticated remote code execution and another that provides the ability to write to arbitrary files. ThreatPost claims this flaw is addressed in an updated version of QNAP’s media server app, Multimedia Console 1.3.4, though the update makes no mention of any security fixes.
533 million Facebook users’ phone numbers and personal data have been leaked online
www.businessinsider.com/stolen-data-of-533-million-facebook-users-leaked-online-2021-4?op=1&scrolla=5eb6d68b7fedc32c19ef33b4&r=US&IR=T A user in a low-level hacking forum on Saturday published the phone numbers and personal data of hundreds of millions of Facebook users for free online. Now, the entire dataset has been posted on the hacking forum for free, making it widely available to anyone with rudimentary data skills.
Facebook data on 533 million users posted online
www.zdnet.com/article/facebook-data-on-533-million-users-posted-online/#ftag=RSSbaffb68 Data posted on a cybercrime forum includes phone numbers, Facebook IDs, birth dates, gender and location. The data is reportedly broken up into download packages by country.
2021 Security Outcomes Study: Timely Incident Response as a Business Enabler
blogs.cisco.com/security/2021-security-outcomes-study-timely-incident-response-as-a-business-enabler Timely incident response as a business enabler is surprising, and even more telling is that, among the respondents of the Security Outcomes Study, incident response also ranked highly on the list of components that contribute to a host of other progressive security initiatives.
Buffer overruns, license violations, and bad code: FreeBSD 13’s close call
arstechnica.com/gadgets/2021/03/buffer-overruns-license-violations-and-bad-code-freebsd-13s-close-call/ 40,000 lines of flawed code almost made it into FreeBSD’s kernel. Matthew Macy seemed like a perfectly reasonable choice to port WireGuard into the FreeBSD kernel. After roughly nine months of part-time development, Macy committed his port, largely unreviewed and inadequately tested, directly into the HEAD section of FreeBSD’s code repository, where it was scheduled for incorporation into FreeBSD 13.0-RELEASE.
Reducing Human Error Security Threats with a Remote Workforce
blog.itsecurityexpert.co.uk/2021/03/reducing-human-error-security-threats.html Surprisingly, a large portion of cyberattacks can be best prevented by reducing the risks to a remote workforce created by human error. Lack of employee knowledge, distraction, and neglect all can leave remote networks vulnerable. This article will explore not only the cost of human error but the practices you can employ to prevent it.
German sub navigation system Russian controlled
ukdefencejournal.org.uk/german-sub-navigation-system-russian-controlled/ German media has reported that the Russian-controlled ‘Navi-Sailor 4100’ has been installed on at least 100 vessels operated by Germany’s military, including the submarine fleet. German media reports that in 2005, under Federal Chancellor Gerhard Schröder, around one hundred vehicles, including naval platforms, were equipped with new navigation systems from Russian company Transas.
Malicious cheats for Call of Duty: Warzone are circulating online
arstechnica.com/gadgets/2021/04/activision-warns-of-malware-masquerading-as-cheats-for-call-of-duty-warzone/ On Wednesday, Activision said that a popular cheating site was circulating a fake cheat for Call of Duty: Warzone that contained a dropper, a term for a type of backdoor that installs specific pieces of malware chosen by the person who created it.