See Tickets discloses 2.5-year-long credit card breach
Ticketing service provider ‘See Tickets’ has notified an undisclosed number of customers that cybercriminals might have accessed their payment card details using a skimmer on its website. See Tickets engaged forensic experts as well as Visa, MasterCard, American Express, and Discover to investigate the incident, and the investigation revealed that the infection occurred back on June 25, 2019. However, See Tickets didn’t fully remove the malicious code from its site until January 8, 2022, leaving customers exposed for 2.5 years. Unfortunately, the company chose not to offer free credit monitoring services to affected customers.
US charges Chinese agents in Huawei obstruction case
On Monday, the US Department of Justice (DoJ) announced it has brought charges against two Chinese intelligence officers who allegedly attempted to steal information linked to the federal prosecution of Huawei. The Chinese agents paid $41,000 in Bitcoin to an agent working at the US Attorney’s Office in New York, in exchange for internal documentation. The Chinese agents thought the individual had been recruited by Beijing; however, the individual was actually a double agent who provided a fake document marked “Secret.” The two Chinese suspects could face a combined 60-year jail term in the unlikely event that they are caught.
Hive begins leaking Tata Power’s data
Earlier this month, the Hive ransomware group claimed responsibility for a cyber attack on India’s largest power company, Tata Power. On Tuesday, Hive operators began posting data they claim to have stolen from Tata Power, which signals that their ransom negotiations failed. Stolen data appears to include company employees’ personally identifiable information (PII), National ID (Aadhaar) card numbers, PAN (tax account) numbers, and salary information, along with other information such as engineering drawings, financial and banking records, and client information.
PoS malware used to steal more than 160,000 credit card numbers
Cybercriminals used two strains of point-of-sale (POS) malware to steal the details of more than 167,000 credit cards from payment terminals. The thieves may be able to sell the card info for roughly $3.3 million on underground forums. Nearly all of the victims are American with credit cards issued by US banks. Law enforcement have yet to attribute the malware to a particular crime group. To help thwart POS malware infections, companies should enforce strict password policies, keep software up to date and use network defense products and whitelisting to keep intruders out.
(The Register and Security Affairs)
VMware fixes critical Cloud Foundation RCE bug
On Tuesday, VMware released security updates that fix a critical vulnerability in VMware Cloud Foundation. Cloud Foundation is a hybrid cloud platform for running enterprise apps in private or public environments. The flaw (CVE-2021-39144) is in the XStream open-source library and carries a CVSS score of 9.8/10. The bug is particularly nasty because it can be exploited remotely by unauthenticated threat actors in low-complexity attacks. VMware has updated XStream to version 1.4.19 to resolve the issue and has also included security patches for end-of-life products.
Samsung’s ‘Maintenance Mode’ protects your data during phone repairs
After a successful pilot program in Korea, Samsung is now rolling out ‘Maintenance Mode’ to select Galaxy devices globally. The new setting will help protect user data when they physically hand over their phones for servicing. The new mode is available in Settings, under the “Battery and device care” menu and is enabled upon rebooting the device. The feature creates an auxiliary user account on the device, completely isolated from all user-installed apps, stored data, and the filesystem. Samsung will roll out the new feature gradually throughout 2023, starting with Galaxy S21 and S22 series models running on One UI 5.
CISOs struggle to articulate business impacts of cyber risks
According to a new survey from FTI Consulting, 85% of US CISOs indicated that cybersecurity has gained prominence on the Board’s agenda over the last 12 months. Additionally, 79% of CISOs feel heightened scrutiny from senior leadership. Unfortunately, 53% say their cybersecurity priorities are not completely aligned with C-suite leadership. Further, 58% of CISOs indicated they struggle to communicate technical information and cyber risk in a manner that the Board and senior leadership can understand. Other notable findings include 82% of CISOs feeling that they need to exaggerate their role to their Board while 46% of CISOs who experienced a cyber incident struggled to rebuild trust with leadership afterward.
K-8 students learn cybersecurity through gamification
A new, no-cost, gamified cyber education platform called Cyber Legends aims to bolster student cyber readiness in K-8 schools across North America. The platform provides young students with engaging, curriculum-aligned lessons which teach them about passwords, identity theft, scams, phishing, cyber bullying, and social media issues. Teachers are provided with a dashboard showing where students are excelling and where there’s room for improvement. The problem-based approach helps develop critical thinking and communication skills relating to student cyber safety.