Cyber Security Headlines: X collects employment histories, Sandworm Chisel analysis, Callaway breach

X to collect member employment data

The application formerly known as Twitter is now offering a new service to its X Premium members – the collection of a selfie photo, employment, and educational history, with consent. According to the X privacy policy update, this is to “recommend potential jobs for you, to share with potential employers when you apply for a job.” This may indicate a desire on the part of X to move into territory largely dominated by LinkedIn, especially in light of its purchase last May of a tech recruiting service called Laskie.

(BBC News)

Technical details of Sandworm malware ‘Infamous Chisel’ released

Security agencies from the Five Eyes intelligence alliance – the US, the UK, New Zealand, Canada, and Australia – have released technical information on malware named Infamous Chisel, used by the Russian hacking group Sandworm as part of the war effort against Ukraine. The malware targets Android devices used by members of the Ukrainian military and was designed to collect intelligence. Largely searching for files with .jpg or .txt extensions, Infamous Chisel is described in the report as “low to medium sophistication, giving little thought to avoiding detection.” Cyberscoop points out that since many Android devices do not have a host-based detection system, there are few ways to monitor such devices for malicious behavior.

(Cyberscoop and CISA)

Golf club maker Callaway suffers breach

The breach occurred about one month ago, and golf equipment maker Topgolf Callaway says it resulted in the personal and account data of more than a million customers being exposed, including account passwords and answers to security questions. The notice also specifies that “no payment card information, government ID, or Social Security Numbers (SSNs) were exposed.” Customers are now being redirected to a password reset page. No cause has been made public, other than describing the event as an “IT incident.” The company has stated that additional security measures are being put in place to prevent a recurrence.

(Bleeping Computer and Cybernews)

Windows WordPad to be retired after 28 years

WordPad, a word processing app that sat somewhere between Microsoft Word and Notepad on the Windows platform “is no longer being updated and will be removed in a future release of Windows,” per a deprecated features announcement from the company made Friday. Bleeping Computer adds that “while not tagged by Redmond as the reason for discontinuing WordPad, earlier this year, the Qbot malware operation also started infecting computers and evading detection by abusing a DLL hijacking flaw in the Windows 10 WordPad app.”

(Bleeping Computer and Microsoft)

Huge thanks to our sponsor, DataBee, from Comcast Technology Solutions

“Data is the currency of the 21st century”, yet for so many cybersecurity professionals, it’s still too difficult to access, correlate and use this ‘currency’ for better, faster security and compliance decision-making. That’s why Comcast Technology Solutions created DataBee™, a cloud-native security data fabric platform that can help you turn your security data into valuable business ‘currency’. Learn more at https://comca.st/DataBee.

NIST publishes new draft of cybersecurity and privacy learning program

As an update to the 2003 version, this document intends to provide guidance on “building a cybersecurity and privacy learning program.” Included within the goals of this update are: “to integrate privacy with cybersecurity in the development of organization-wide learning programs,” and “to introduce a life cycle model that allows for ongoing, iterative improvements and changes to accommodate cybersecurity, privacy, and organization-specific events.” A public comment period is open until October 27, 2023.

(Lawrence Munro via LinkedIn and NIST)

Children’s online safety laws blocked in Texas and Arkansas

Two federal judges have granted preliminary injunctions blocking the passage of two child safety laws. The Social Media Safety Act is an Arkansas law that would prevent children from creating accounts on large social media apps without parental permission, and the Texas law is intended to keep children from “accessing content that is meant for adults.” According to The Record, “the tech industry trade group NetChoice, which represents Google, Meta, and TikTok, among others, sued in June to block the law on the grounds that it is unconstitutional and would place an onerous burden on digital platforms.” In his ruling, U.S. District Judge Timothy Brooks stated that the law is “not targeted to address the harms it has identified,” and he also suggests that age-gating is not effective, and that the law “ignores experts’ views that parental oversight is what is really needed to insulate children from potential harms that lurk on the internet.”

(The Record)

Companies using software to track remote workers

An article in Business Insider highlights how certain companies are using keystroke monitoring software to track remote workers’ time on the keyboard, resulting in dismissals when a required number of keystrokes per hour is not achieved. Named in the story are large companies like JPMorgan and Tesla. It also quotes an earlier New York Times story that showed that eight of the 10 largest US private companies track their employees’ productivity. The story also refers to a Business Insider article from October 2022 which points out that “not turning your webcam on for a work meeting may get people fired with little chance of winning a wrongful termination claim.”

(Business Insider)

Last week in ransomware

The Chambersburg Area School District in southern Pennsylvania announced last week that it would stay open despite an attack that has yet to be confirmed as ransomware, and similarly, the University of Michigan says it has restored its systems following an attack last weekend. Clothing retailer Forever 21 has filed reports of a breach that affected current and former employees but has not confirmed whether ransomware was involved. We also reported last week on breaches – not necessarily ransomware – affecting a French government employment agency, the offices of Montreal’s electrical infrastructure, and movie giant Paramount.

(Cyber Security Headlines and The Record)

Author, speaker, expert in the area where people and technology crash into each other, viewed from the organizational psychology perspective. Host of many podcasts, voice actor and narrator for corporate media and audiobooks. Ghost-writer for busy executives.