Another week and more learning progress made!
- Swiss government warns of ongoing DDoS attacks, data leak – The Swiss government has disclosed that a recent ransomware attack on an IT supplier might have impacted its data, while today, it warns that it is now targeted in DDoS attacks.
- Password Reset Hack Exposed in Honda’s E-Commerce Platform, Dealers Data at Risk – Security vulnerabilities discovered in Honda’s e-commerce platform could have been exploited to gain unrestricted access to sensitive dealer information.
- Strava heatmap feature can be abused to find home addresses – Researchers at the North Carolina State University Raleigh have discovered a privacy risk in the Strava app’s heatmap feature that could lead to identifying users’ home addresses.
- Ukrainian hackers take down service provider for Russian banks – A group of Ukrainian hackers known as the Cyber.Anarchy.Squad claimed an attack that took down Russian telecom provider Infotel JSC on Thursday evening.
- RDP honeypot targeted 3.5 million times in brute-force attacks – Remote desktop connections are so powerful a magnet for hackers that an exposed connection can be targeted, on average, more than 37,000 times every day from various IP addresses.
- Massive phishing campaign uses 6,000 sites to impersonate 100 brands – A widespread brand impersonation campaign targeting over a hundred popular apparel, footwear, and clothing brands has been underway since June 2022, tricking people into entering their account credentials and financial information on fake websites.
- Two Russian Nationals Charged for Masterminding Mt. Gox Crypto Exchange Hack – The U.S. Department of Justice (DoJ) has charged two Russian nationals in connection with masterminding the 2014 digital heist of the now-defunct cryptocurrency exchange Mt. Gox.
- Hackers can steal cryptographic keys by video-recording power LEDs 60 feet away – Key-leaking side channels are a fact of life. Now they can be done by video-recording power LEDs.
- US intelligence confirms it buys Americans’ personal data – A newly declassified report says the controversial practice raises “significant issues” for Americans’ civil liberties.
- Spotify has been fined $5.4 million for violating GDPR data rules – A Swedish regulator says the company wasn’t transparent enough about its handling of user data.
- Attackers Create Synthetic Security Researchers to Steal IP – Threat groups created a fake security company, “High Sierra,” with faux exploits and fake profiles for security researchers on GitHub and elsewhere, aiming to get targets to install their malware.
- Millions of Oregon, Louisiana state IDs stolen in MOVEit breach – Louisiana and Oregon warn that millions of driver’s licenses were exposed in a data breach after a ransomware gang hacked their MOVEit Transfer secure file transfer systems to steal stored data.
- 20-Year-Old Russian LockBit Ransomware Affiliate Arrested in Arizona – The U.S. Department of Justice (DoJ) on Thursday unveiled charges against a Russian national for his alleged involvement in deploying LockBit ransomware to targets in the U.S., Asia, Europe, and Africa.
- Rhysida ransomware leaks documents stolen from Chilean Army – Threat actors behind a recently surfaced ransomware operation known as Rhysida have leaked online what they claim to be documents stolen from the network of the Chilean Army (Ejército de Chile).
- TryHackMe – SOC Level 1 – Zeek Exercises – Completed.