Cyber Bits · · 2 min read

Cyber Bits: April 8, 2024

Cyber Bits: April 8, 2024

We hope everyone is recovered from a great holiday period (here in the Cayman Islands) and have two week’s worth of news to catch up on! What’s in store? Lots of data breaches, open source tools to identify backdoors in affected XZ libraries, and money laundering via cryptocurrencies.

XZ backdoor scanner released

Links: Bleeping Computer

Security firm Binarly has released a free online scanner to detect Linux executables impacted by the XZ Utils supply chain attack, also known as CVE-2024-3094. For those unaware, last month, a Microsoft engineer discovered the backdoor in the XZ Utils package while investigating unusually slow SSH logins. The backdoor was introduced by a trusted contributor.

Ransomware targeting VMware

Links: Bleeping Computer

Ransomware attacks are always targeting virtual infrastructure, but a Chilean hosting provider noticed new attacks targeting LATAM-based virtual machine. In the trend of the most recent ransomware attacks, Panera and Omni Hotels were suffering outages sourced to ransomware attacks.

KuCoin charged with AML violations

Links: Bleeping Computer

The US Department of Justice (DoJ) has charged global cryptocurrency exchange KuCoin and two of its founders for failing to adhere to anti-money laundering (AML) requirements. The DoJ claimed that KuCoin knowingly allowed US-based traders to use the platform without collecting the appropriate KYC documentation. While not unheard of, the DoJ also states that KuCoin advertised that KYC wasn’t required to use the platform, allowing $9 billion in crypto to potentially be laundered.

AT&T states 70 million leaked records aren’t from their systems

Links: Bleeping Computer

AT&T has announced that the leaked records of 71 million people didn’t originate from their systems, contrary to what ShinyHunters (the group responsible for selling the data) stated when trying to sell the data for $200,000 USD. For those reading and keeping track of how much their data is worth, that comes to $355 per user. However, last week, a hacker known as MajorNelson has released it for free, containing the Social Security Number and Date of Birth for the 71 million records.

Google to delete records of data they said weren't being recorded

Links: The Hacker News

Google has agreed to delete billions of records collected from users while using their Incognito feature, following a class-action lawsuit from 2020. There’s not much else to say about this one other than we’re sure Google will completely be compliant moving forward and won’t find another way to capture your data and sell it.

Read next

Cyber Bits: November 25
Cyber Bits ·

Cyber Bits: November 25

Welcome to this week's edition of Cyber Bits, where we cover the latest in malware campaigns, advanced persistent threats, data breaches, vulnerabilities in enterprise systems from Fortinet and Palo Alto, and the economic impact of cyberattacks. Here's what you need to know this week:

Cyber Bits: October 21
Cyber Bits ·

Cyber Bits: October 21

In this week's Cyber Bits, Internet Archive faces another breach, Microsoft sets up Azure tenant honeypots, ransomware attacks are using ESET's name, Microsoft may have lost some security logs, and North Korea is targeting companies looking for temporary IT workers.

Cyber Bits: October 14
Cyber Bits ·

Cyber Bits: October 14

In this weeks Cyber Bits, Microsoft deprecates VPN protocols, OpenAI confirms what everyone already knew about bad guys using ChatGPT for malware, SOC teams lament alert fatigue, qualified personnel gaps in cloud and cyber, and how to build cyber resilience for SMB's.