Sign up to save your podcasts
Or
Share Mac is Back-Doored, Fake Crypto Apps, Russians Hiding in the Cloud, and more.
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Mac is Back-Doored, Fake Crypto Apps, Russians Hiding in the Cloud, and more.
A daily look at the relevant information security news from overnight - 19 July, 2022
Episode 268 - 19 July 2022
Mac is Back-Doored- https://www.bleepingcomputer.com/news/security/elastix-voip-systems-hacked-in-massive-campaign-to-install-php-web-shells/
Fake Crypto Apps -
https://www.zdnet.com/article/fbi-these-fake-apps-are-trying-to-steal-your-crypto-heres-what-to-watch-out-for/
FlipKart Breach -
https://techcrunch.com/2022/07/18/cleartrip-data-breach-dark-web/
SATAn Air Gapped Attack- https://thehackernews.com/2022/07/new-air-gap-attack-uses-sata-cable-as.html
Russians Hiding on the Cloud -
https://www.bleepingcomputer.com/news/security/russian-svr-hackers-use-google-drive-dropbox-to-evade-detection/
Hi, I’m Paul Torgersen. It’s Tuesday July 19th, 2022, and from Port Angeles, this is a look at the information security news from overnight.
From BleepingComputer.com:
Unknown threat actors are using a previously undetected malware to backdoor macOS devices and exfiltrate information. ESET researchers named the malware CloudMensis because it uses pCloud, Yandex Disk, and Dropbox public cloud storage services for C2 communications. It is not known yet how the malware is distributed. Details in the article.
From ZDNet.com:
The FBI has warned that criminal groups are creating fraudulent apps that mimic real financial services brands that have so far duped investors into parting with $42.7 million over the past six months. Many of these are mimicking cryptocurrency services as there continue to be a flood of new players in the space and some ambiguity around crypto investing. Details and links to the advisory in the article.
From TechCrunch.com:
Cleartrip, a popular travel-booking platform in India, has confirmed a data breach after hackers claimed to post the stolen data on the dark web. Exact details of the stolen data are not yet known, however analysis of the screenshots posted make it appear that significant amounts of data were accessed, including forward looking information, which may indicate an insider was involved.
From TheHackerNews.com:
Researchers have developed a new method to steal data from an air gapped machine using the Serial ATA cable. Dubbed SATAn, the attack uses the SATA cable as a covert channel to emanate electromagnetic signals and transfer information to a nearby receiver just over a meter away. Fortunately, this technique does require physical access to the machine initially, which obviously makes it much more difficult. On the other hand, Stuxnet required physical access as well, so you never know.
And last today, from BleepingComputer.com:
State-backed Russian hackers have started using legitimate Google Drive cloud storage services to evade detection. It is akin to hiding in plain sight by getting lost in the crowd. Google cloud storage is ubiquitous and pretty much universally trusted. Russian threat actors are abusing that trust to render their attacks exceedingly difficult, if not impossible, to detect and block.
That’s all for me. Have a great rest of your day. Like and subscribe, and until next time, be safe out there.
Episode 268 - 19 July 2022
Mac is Back-Doored- https://www.bleepingcomputer.com/news/security/elastix-voip-systems-hacked-in-massive-campaign-to-install-php-web-shells/
Fake Crypto Apps -
https://www.zdnet.com/article/fbi-these-fake-apps-are-trying-to-steal-your-crypto-heres-what-to-watch-out-for/
FlipKart Breach -
https://techcrunch.com/2022/07/18/cleartrip-data-breach-dark-web/
SATAn Air Gapped Attack- https://thehackernews.com/2022/07/new-air-gap-attack-uses-sata-cable-as.html
Russians Hiding on the Cloud -
https://www.bleepingcomputer.com/news/security/russian-svr-hackers-use-google-drive-dropbox-to-evade-detection/
Hi, I’m Paul Torgersen. It’s Tuesday July 19th, 2022, and from Port Angeles, this is a look at the information security news from overnight.
From BleepingComputer.com:
Unknown threat actors are using a previously undetected malware to backdoor macOS devices and exfiltrate information. ESET researchers named the malware CloudMensis because it uses pCloud, Yandex Disk, and Dropbox public cloud storage services for C2 communications. It is not known yet how the malware is distributed. Details in the article.
From ZDNet.com:
The FBI has warned that criminal groups are creating fraudulent apps that mimic real financial services brands that have so far duped investors into parting with $42.7 million over the past six months. Many of these are mimicking cryptocurrency services as there continue to be a flood of new players in the space and some ambiguity around crypto investing. Details and links to the advisory in the article.
From TechCrunch.com:
Cleartrip, a popular travel-booking platform in India, has confirmed a data breach after hackers claimed to post the stolen data on the dark web. Exact details of the stolen data are not yet known, however analysis of the screenshots posted make it appear that significant amounts of data were accessed, including forward looking information, which may indicate an insider was involved.
From TheHackerNews.com:
Researchers have developed a new method to steal data from an air gapped machine using the Serial ATA cable. Dubbed SATAn, the attack uses the SATA cable as a covert channel to emanate electromagnetic signals and transfer information to a nearby receiver just over a meter away. Fortunately, this technique does require physical access to the machine initially, which obviously makes it much more difficult. On the other hand, Stuxnet required physical access as well, so you never know.
And last today, from BleepingComputer.com:
State-backed Russian hackers have started using legitimate Google Drive cloud storage services to evade detection. It is akin to hiding in plain sight by getting lost in the crowd. Google cloud storage is ubiquitous and pretty much universally trusted. Russian threat actors are abusing that trust to render their attacks exceedingly difficult, if not impossible, to detect and block.
That’s all for me. Have a great rest of your day. Like and subscribe, and until next time, be safe out there.
View all episodes
By Paul TorgersenA daily look at the relevant information security news from overnight - 19 July, 2022
Episode 268 - 19 July 2022
Mac is Back-Doored- https://www.bleepingcomputer.com/news/security/elastix-voip-systems-hacked-in-massive-campaign-to-install-php-web-shells/
Fake Crypto Apps -
https://www.zdnet.com/article/fbi-these-fake-apps-are-trying-to-steal-your-crypto-heres-what-to-watch-out-for/
FlipKart Breach -
https://techcrunch.com/2022/07/18/cleartrip-data-breach-dark-web/
SATAn Air Gapped Attack- https://thehackernews.com/2022/07/new-air-gap-attack-uses-sata-cable-as.html
Russians Hiding on the Cloud -
https://www.bleepingcomputer.com/news/security/russian-svr-hackers-use-google-drive-dropbox-to-evade-detection/
Hi, I’m Paul Torgersen. It’s Tuesday July 19th, 2022, and from Port Angeles, this is a look at the information security news from overnight.
From BleepingComputer.com:
Unknown threat actors are using a previously undetected malware to backdoor macOS devices and exfiltrate information. ESET researchers named the malware CloudMensis because it uses pCloud, Yandex Disk, and Dropbox public cloud storage services for C2 communications. It is not known yet how the malware is distributed. Details in the article.
From ZDNet.com:
The FBI has warned that criminal groups are creating fraudulent apps that mimic real financial services brands that have so far duped investors into parting with $42.7 million over the past six months. Many of these are mimicking cryptocurrency services as there continue to be a flood of new players in the space and some ambiguity around crypto investing. Details and links to the advisory in the article.
From TechCrunch.com:
Cleartrip, a popular travel-booking platform in India, has confirmed a data breach after hackers claimed to post the stolen data on the dark web. Exact details of the stolen data are not yet known, however analysis of the screenshots posted make it appear that significant amounts of data were accessed, including forward looking information, which may indicate an insider was involved.
From TheHackerNews.com:
Researchers have developed a new method to steal data from an air gapped machine using the Serial ATA cable. Dubbed SATAn, the attack uses the SATA cable as a covert channel to emanate electromagnetic signals and transfer information to a nearby receiver just over a meter away. Fortunately, this technique does require physical access to the machine initially, which obviously makes it much more difficult. On the other hand, Stuxnet required physical access as well, so you never know.
And last today, from BleepingComputer.com:
State-backed Russian hackers have started using legitimate Google Drive cloud storage services to evade detection. It is akin to hiding in plain sight by getting lost in the crowd. Google cloud storage is ubiquitous and pretty much universally trusted. Russian threat actors are abusing that trust to render their attacks exceedingly difficult, if not impossible, to detect and block.
That’s all for me. Have a great rest of your day. Like and subscribe, and until next time, be safe out there.
Episode 268 - 19 July 2022
Mac is Back-Doored- https://www.bleepingcomputer.com/news/security/elastix-voip-systems-hacked-in-massive-campaign-to-install-php-web-shells/
Fake Crypto Apps -
https://www.zdnet.com/article/fbi-these-fake-apps-are-trying-to-steal-your-crypto-heres-what-to-watch-out-for/
FlipKart Breach -
https://techcrunch.com/2022/07/18/cleartrip-data-breach-dark-web/
SATAn Air Gapped Attack- https://thehackernews.com/2022/07/new-air-gap-attack-uses-sata-cable-as.html
Russians Hiding on the Cloud -
https://www.bleepingcomputer.com/news/security/russian-svr-hackers-use-google-drive-dropbox-to-evade-detection/
Hi, I’m Paul Torgersen. It’s Tuesday July 19th, 2022, and from Port Angeles, this is a look at the information security news from overnight.
From BleepingComputer.com:
Unknown threat actors are using a previously undetected malware to backdoor macOS devices and exfiltrate information. ESET researchers named the malware CloudMensis because it uses pCloud, Yandex Disk, and Dropbox public cloud storage services for C2 communications. It is not known yet how the malware is distributed. Details in the article.
From ZDNet.com:
The FBI has warned that criminal groups are creating fraudulent apps that mimic real financial services brands that have so far duped investors into parting with $42.7 million over the past six months. Many of these are mimicking cryptocurrency services as there continue to be a flood of new players in the space and some ambiguity around crypto investing. Details and links to the advisory in the article.
From TechCrunch.com:
Cleartrip, a popular travel-booking platform in India, has confirmed a data breach after hackers claimed to post the stolen data on the dark web. Exact details of the stolen data are not yet known, however analysis of the screenshots posted make it appear that significant amounts of data were accessed, including forward looking information, which may indicate an insider was involved.
From TheHackerNews.com:
Researchers have developed a new method to steal data from an air gapped machine using the Serial ATA cable. Dubbed SATAn, the attack uses the SATA cable as a covert channel to emanate electromagnetic signals and transfer information to a nearby receiver just over a meter away. Fortunately, this technique does require physical access to the machine initially, which obviously makes it much more difficult. On the other hand, Stuxnet required physical access as well, so you never know.
And last today, from BleepingComputer.com:
State-backed Russian hackers have started using legitimate Google Drive cloud storage services to evade detection. It is akin to hiding in plain sight by getting lost in the crowd. Google cloud storage is ubiquitous and pretty much universally trusted. Russian threat actors are abusing that trust to render their attacks exceedingly difficult, if not impossible, to detect and block.
That’s all for me. Have a great rest of your day. Like and subscribe, and until next time, be safe out there.