Cyber Bits · · 2 min read

Cyber Bits: April 8, 2024

Cyber Bits: April 8, 2024

We hope everyone is recovered from a great holiday period (here in the Cayman Islands) and have two week’s worth of news to catch up on! What’s in store? Lots of data breaches, open source tools to identify backdoors in affected XZ libraries, and money laundering via cryptocurrencies.

XZ backdoor scanner released

Links: Bleeping Computer

Security firm Binarly has released a free online scanner to detect Linux executables impacted by the XZ Utils supply chain attack, also known as CVE-2024-3094. For those unaware, last month, a Microsoft engineer discovered the backdoor in the XZ Utils package while investigating unusually slow SSH logins. The backdoor was introduced by a trusted contributor.

Ransomware targeting VMware

Links: Bleeping Computer

Ransomware attacks are always targeting virtual infrastructure, but a Chilean hosting provider noticed new attacks targeting LATAM-based virtual machine. In the trend of the most recent ransomware attacks, Panera and Omni Hotels were suffering outages sourced to ransomware attacks.

KuCoin charged with AML violations

Links: Bleeping Computer

The US Department of Justice (DoJ) has charged global cryptocurrency exchange KuCoin and two of its founders for failing to adhere to anti-money laundering (AML) requirements. The DoJ claimed that KuCoin knowingly allowed US-based traders to use the platform without collecting the appropriate KYC documentation. While not unheard of, the DoJ also states that KuCoin advertised that KYC wasn’t required to use the platform, allowing $9 billion in crypto to potentially be laundered.

AT&T states 70 million leaked records aren’t from their systems

Links: Bleeping Computer

AT&T has announced that the leaked records of 71 million people didn’t originate from their systems, contrary to what ShinyHunters (the group responsible for selling the data) stated when trying to sell the data for $200,000 USD. For those reading and keeping track of how much their data is worth, that comes to $355 per user. However, last week, a hacker known as MajorNelson has released it for free, containing the Social Security Number and Date of Birth for the 71 million records.

Google to delete records of data they said weren't being recorded

Links: The Hacker News

Google has agreed to delete billions of records collected from users while using their Incognito feature, following a class-action lawsuit from 2020. There’s not much else to say about this one other than we’re sure Google will completely be compliant moving forward and won’t find another way to capture your data and sell it.

Read next

Cyber Bits: July 8, 2024
Cyber Bits ·

Cyber Bits: July 8, 2024

In this week's Cyber Bits, we look into Cloudflare's BGP incident, a Go-based ransomware variant targeting VMs, Ticketmaster struggling with a ransomware incident, hackers leaking Twilio data, and Cobalt Strike servers being shutdown by the feds.

Cyber Bits: June 24, 2024
Cyber Bits ·

Cyber Bits: June 24, 2024

This week - VMware's urgent security patches, a UEFI vulnerability in Intel PCs, US sanctions on Kaspersky, ransomware attacks on old Android phones, and a breach of 1,590 crypto wallets by North Korean hackers. Stay updated with the latest cybersecurity news and tips.