Cyber (In)Securities – Issue 102

CyAN

Contents:

News

  1. LottieFiles hacked in supply chain attack to steal users’ crypto
  2. Fired Employee Allegedly Hacked Disney World’s Menu System to Alter Peanut Allergy Information
  3. Interbank confirms data breach following failed extortion, data leak
  4. Canada spy agency says India is using cyber tech to track Sikh separatists
  5. Uncle Sam outs a Russian accused of developing Redline infostealing malware
  6. Massive hack-for-hire scandal rocks Italian political elites (Free article usually reserved for subscribers)
  7. Chinese hackers targeted Eric Trump’s and Jared Kushner’s call data, sources say
  8. 7 in 10 firms lament workers’ lack of basic cybersecurity sense
  9. LLM firewalls enter the secure AI debate
  10. NSW desktop review finds dearth of data breach policies
  11. Russian court fines Google $20,000,000,000,000,000,000,000,000,000,000,000

Events

News:

LottieFiles hacked in supply chain attack to steal users’ crypto

https://www.bleepingcomputer.com/news/security/lottiefiles-hacked-in-supply-chain-attack-to-steal-users-crypto/

LottieFiles, a platform for animated graphics, recently suffered a supply chain attack compromising its ‘lottie-player’ library versions 2.0.5 to 2.0.7. The attackers injected malicious code designed to steal cryptocurrency by prompting users to connect their wallets, subsequently draining their assets.

Upon discovery, LottieFiles promptly released version 2.0.8, reverting to a secure state and advising users to update immediately. This incident underscores the critical need for vigilance in monitoring third-party dependencies and ensuring the integrity of software supply chains

Fired Employee Allegedly Hacked Disney World’s Menu System to Alter Peanut Allergy Information

https://www.404media.co/email/07659717-920e-49da-ae6e-fd43f2eae236

A former Disney employee is facing accusations of hacking into the company’s menu management system to alter peanut allergy information, allegedly marking certain items as safe for allergy sufferers when they weren’t.

This deliberate change raised serious safety concerns, as it directly impacted allergen disclosures critical to visitor health. After being terminated, the employee reportedly accessed Disney’s systems without permission, leading to an investigation by both Disney and federal authorities. This incident underscores the risks of internal cyber sabotage, especially regarding sensitive health and safety data.

Interbank confirms data breach following failed extortion, data leak

https://www.bleepingcomputer.com/news/security/interbank-confirms-data-breach-following-failed-extortion-data-leak/

Interbank finds itself in hot water after a failed ransomware demand led cybercriminals to leak sensitive customer data. The breach has exposed account details, prompting investigations and sparking questions about financial sector cyber resilience.

The bank, previously known as the International Bank of Peru (Banco Internacional del Perú) is currently bolstering its cybersecurity while reassuring clients, but the incident illustrates an alarming trend of hackers turning to public data leaks when extortion efforts falter. This high-profile breach emphasises the need for financial institutions to adopt more stringent protective measures against increasingly aggressive cyber threats.

Canada spy agency says India is using cyber tech to track Sikh separatists

https://www.theguardian.com/world/2024/oct/30/canada-india-sikh-cyber-technology

Canada’s spy agency claims that India is using sophisticated cyber tools to monitor Sikh separatists, highlighting a growing international privacy and surveillance issue. The agency reports that Indian authorities are leveraging spyware to track activists globally, which adds another layer to an already tense diplomatic relationship.

These allegations bring renewed scrutiny to the ethics of government surveillance and are likely to prompt calls for stronger international policies against cross-border cyber intrusions. The report fuels a larger debate on the limits of state surveillance in political matters.

Uncle Sam outs a Russian accused of developing Redline infostealing malware

https://www.theregister.com/2024/10/29/russian_redline_malware/

The U.S. Department of Justice has charged Russian national Maxim Rudometov with developing and administering the RedLine infostealer malware, which has compromised millions of computers globally since 2020. RedLine, sold as malware-as-a-service, enables cybercriminals to steal personal and financial data from victims.

This indictment is part of Operation Magnus, an international effort led by Dutch authorities that recently dismantled servers supporting RedLine and Meta infostealers. The case underscores the persistent threat posed by sophisticated malware and the importance of international collaboration in combating cybercrime

Massive hack-for-hire scandal rocks Italian political elites (Free article usually reserved for subscribers)

https://www.politico.eu/article/hacking-scandal-italy-matteo-renzi-sergio-mattarella-equalize-nunzio-samuele-calamucci/

Italy’s political circles are rocked by a sweeping hack-for-hire scandal that’s exposed sensitive communications among high-ranking officials. Alleged to have targeted politicians and other public figures, this scandal reveals the depth of cyber espionage risks within European political systems.

As investigations deepen, the incident underscores the vulnerability of public figures to espionage-for-hire and raises ethical questions around the misuse of cyber expertise for political manipulation. This scandal is likely to prompt discussions on better cybersecurity practices and regulations for political entities.

Chinese hackers targeted Eric Trump’s and Jared Kushner’s call data, sources say

https://edition.cnn.com/2024/10/29/politics/chinese-hackers-targeted-eric-trump-jared-kushner-call-data/index.html

The FBI alleges that Chinese hackers breached the mobile devices of Donald Trump’s family members in a high-profile cyber espionage incident. Using sophisticated tactics, the attackers reportedly aimed to gather sensitive information, highlighting ongoing concerns about the vulnerability of prominent political figures’ digital security.

As state-backed cyber campaigns increasingly target personal devices, this incident underscores the need for secure communication channels and advanced cybersecurity protocols for government officials and their families. The case raises further questions about the reach of foreign surveillance.

7 in 10 firms lament workers’ lack of basic cybersecurity sense

https://www.frontier-enterprise.com/7-in-10-firms-lament-workers-lack-of-basic-cybersecurity-sense/

A recent survey shows that 70% of companies are struggling with basic cybersecurity awareness among employees, a worrying statistic as cyber threats continue to escalate. Many employees remain unaware of even the most fundamental practices, such as recognising phishing attempts, which makes businesses more susceptible to attacks.

Experts stress the importance of company-wide cybersecurity training as a primary defense against breaches. This report highlights the critical need for organisations to foster a proactive cybersecurity culture, especially in the face of growing digital risks.

LLM firewalls enter the secure AI debate

https://www.innovationaus.com/llm-firewalls-enter-the-secure-ai-debate

As AI becomes integral to industry operations, security remains a pressing concern, with LLM firewalls emerging as a new line of defense. These firewalls aim to prevent misuse by intercepting and evaluating prompts before they reach AI models, thereby safeguarding sensitive data.

Security experts suggest that these firewalls could set a new standard for AI safety by acting as a gatekeeper against harmful or unintended outcomes. As AI adoption surges, the addition of LLM firewalls marks a pivotal shift in the ongoing conversation about AI security and responsible tech deployment.

NSW desktop review finds dearth of data breach policies

https://www.itnews.com.au/news/nsw-desktop-review-finds-dearth-of-data-breach-policies-612711

A NSW review has exposed significant gaps in data breach policies, showing many organisations are unprepared for security incidents. The lack of formal guidelines leaves companies vulnerable and risks non-compliance, particularly with stricter data protection regulations.

Experts are calling for an overhaul of breach response strategies, emphasising the need for structured policies that outline steps for detection, reporting, and remediation. This review highlights a critical weak spot in cybersecurity readiness and signals a need for widespread improvements in data governance.

Russian court fines Google $20,000,000,000,000,000,000,000,000,000,000,000

https://www.theregister.com/2024/10/29/russian_court_fines_google/

Yep, we had to shrink the font for that headline…

A Russian court has handed Google an astronomical fine, widely seen as a heavy-handed response to the company’s modest efforts to curb disinformation and propaganda. The unprecedented penalty underscores a punitive stance toward platforms that attempt even minimal content moderation, illustrating the risks tech companies face in authoritarian settings.

Critics argue that while Google’s efforts may be limited, they represent a necessary, if incremental, step in addressing misinformation—a priority in global trust and safety work. This clash highlights the complex and often precarious role of tech platforms navigating content control amid regulatory pressures.

Events: