38TB of data accidentally exposed by Microsoft AI researchers

Wiz Research found a data exposure incident on Microsoft’s AI GitHub repository, including over 30,000 internal Microsoft Teams messages – all caused by one misconfigured SAS token

#AI #CoSoSec

https://www.wiz.io/blog/38-terabytes-of-private-data-accidentally-exposed-by-microsoft-ai-researchers

Thread:

https://twitter.com/hillai/status/1703771673411871227

California state Legislature has passed the Delete Act to allow individuals to order data brokers to delete their personal data — and to cease acquiring and selling it in the future.

The Delete Act isn’t law yet. Democratic Gov. Gavin Newsom still has to decide whether to sign the measure, whose impact could potentially extend well beyond state lines given California’s history of setting similar trends.

#DataBrokers #CoSoSec

What the Bill Does

https://www.securityweek.com/imagine-making-shadowy-data-brokers-erase-your-personal-info-californians-may-soon-live-the-dream/

Apple and Google Are Introducing New Ways to Defeat Cell Site Simulators, But Is it Enough?

#CoSoSec

Cell-site simulators (CSS)—also known as IMSI Catchers and Stingrays—are a tool that law enforcement and governments use to track the location of phones, intercept or disrupt communications, spy on foreign governments, or even install malware

https://www.eff.org/deeplinks/2023/09/apple-and-google-are-introducing-new-ways-defeat-cell-site-simulators-it-enough

If you use Google 2fa authentication app you probably should turn OFF the sync to cloud option

#CoSoSec

Retool blames breach on Google Authenticator MFA cloud sync feature

Software company Retool says the accounts of 27 cloud customers were compromised following a targeted and multi-stage social engineering attack.

https://www.bleepingcomputer.com/news/security/retool-blames-breach-on-google-authenticator-mfa-cloud-sync-feature/

ALPHV ransomware group has posted a long message about MGM Resorts

#CoSoSec

From their leak site

Google Wallet Exploit Reveals Credit Card Details to NFC Devices

A fix is included with the September 2023 security patch, which is still being deployed.

#CoSoSec

A strange Google Wallet bug, which affects smartphones running Android 5.0 and up, may expose your credit card details under a very specific set of circumstances.

demonstrated by MrTiz on GitHub and YouTube, the CVE-2023-35671 vulnerability is due to a loophole in Android's Screen Pinning tool.

https://github.com/MrTiz/CVE-2023-35671#cve-2023-35671

Google, Mozilla, Microsoft, and Brave have each issued critical security patches, reports Stack Diary. The patches address a vulnerability that an attacker could use to gain access to or run malicious code on your computer

#CoSoSec #Browsers

https://stackdiary.com/critical-vulnerability-in-webp-codec-cve-2023-4863/

update EVERYTHING - every app that has an update

The Greater Manchester police force has become the latest entity to fall victim to a now well-established form of cyberattack: the ransomware hack

#CoSoSec

https://www.theguardian.com/technology/2023/sep/14/who-is-behind-latest-wave-of-ransomware-attacks

Exclusively for Startpage users - get 50% OFF your StartMail account!

#CoSoSec

PGP encrypted emails
Seamlessly migrate emails and contacts
Password protected email
Unlimited custom aliases
20GB of storage

SAVE 50%
per month, billed annually
First year at $29.98 | Renews at $59.95

https://www.startmail.com/startpage/

https://counter.social/@ecksmc/111033942780572271

Update Notepad++ now

Notepad++ version 8.5.7 has been released with fixes for multiple buffer overflow zero-days, with one marked as potentially leading to code execution by tricking users into opening specially crafted files.

#CoSoSec

https://www.bleepingcomputer.com/news/security/notepad-plus-plus-857-released-with-fixes-for-four-security-vulnerabilities/

TECHNICAL SUMMARY:
Multiple vulnerabilities have been discovered in Notepad++, the most severe of which could allow for arbitrary code execution. Details of these vulnerabilities are as follows:

https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-notepad-could-allow-for-arbitrary-code-execution_2023-102

Online security is no longer a luxury but an absolute necessity in today's digital age. For the average internet user, spotting the reassuring green padlock symbol and the "https://" prefix in their browser's address bar has become a common sight, indicating a secure connection.

However, hidden beneath this facade of security lurks a menacing threat known as "HTTPS spoofing"

#CoSoSec

Understanding HTTPS Spoofing: A Deceptive Online Threat

https://www.cysecurity.news/2023/09/understanding-https-spoofing-deceptive.html

Researchers at the University of Wisconsin–Madison have demonstrated that Chrome browser extensions can steal passwords from the text input fields in websites, even if the extension is compliant with Chrome's latest security and privacy standard, Manifest V3.

#CoSoSec

https://www.bleepingcomputer.com/news/security/chrome-extensions-can-steal-plaintext-passwords-from-websites/

{PDF URL}

https://arxiv.org/pdf/2308.16321.pdf

Cuckoo Sandbox is free software that automated the task of analyzing any malicious file under Windows, macOS, Linux, and Android.

You can throw any suspicious file at it and in a matter of minutes Cuckoo will provide a detailed report outlining the behavior of the file when executed inside a realistic but isolated environment

#CoSoSec #TipsAndTricks

https://cuckoosandbox.org/

Useful resources for SOC Analyst and SOC Analyst candidates.

https://github.com/LetsDefend/awesome-soc-analyst

Make privacy easy with Incogni

The cybersecurity firm Surfshark recognized the negative impacts of data brokers and formed Incogni to give people a chance to take their information off the Internet and reclaim their privacy.

Incogni is a subscription service that confronts the data brokers on your behalf.

https://incogni.com/

#CoSoSec #TipsAndTricks

Use code “9to5google” for 55% off with an Incogni annual plan

30-day money-back guarantee

Modern cars are a privacy nightmare, and there’s no way to opt out

#CoSoSec

According to a new report from Mozilla, every major car brand has glaring privacy concerns — so much so that Mozilla ranked cars as “the official worst category of products for privacy.” That’s below notoriously privacy-unaware product categories, like mental health apps and sex toys.

https://foundation.mozilla.org/en/privacynotincluded/articles/its-official-cars-are-the-worst-product-category-we-have-ever-reviewed-for-privacy

Google’s Threat Analysis Group (TAG) has shed light on a cyber campaign originating from North Korea, targeting security researchers engaged in vulnerability research and development.

#CyberSecurity #CoSoSec

the team has discovered the exploitation of at least one zero-day vulnerability in the last few weeks, prompting TAG to promptly report the issue to the affected vendor

North Korean threat actors used social media sites like X to build rapport with their targets

https://blog.google/threat-analysis-group/active-north-korean-campaign-targeting-security-researchers/

A Windows 7 machine belonging to a high-security fencing company was the stunning weak link in a shocking cybersecurity incident that exposed vital military data. This hack not only underlines the need for organizations, including those that don't seem to be in the military industry, to maintain strong digital defenses, but it also raises questions about the health of cybersecurity policies.

#CoSoSec

UK Military Data Breach via Outdated Windows 7 System

https://www.cysecurity.news/2023/09/uk-military-data-breach-via-outdated.html

DNS Security & You: What is DNS Protection?

#CoSoSec

https://blog.controld.com/dns-security-and-you-what-is-dns-protection

I use CTRL-D it's a good service if you are interested in using a secure DNS service I'd say try CTRL-D - it's not just for organizations or businesses anyone can use it

See Tickets, recently reported a data breach that exposed the payment card information of over 300,000 customers.

#CoSoSec

The compromised information includes:

Customer names
Addresses
Debit or credit card numbers in combination with security codes, access codes, passwords, or PINs

This attack reveals the prevalence of credit card skimming malware, in which criminals insert malicious code into a website’s checkout pages to steal users’ payment card info

https://apps.web.maine.gov/online/aeviewer/ME/40/9507cec8-0c8c-46b7-bccf-c8baea5b2477.shtml

"The following is my 0day. This code, when executed on any website, disconnects the AtlasVPN linux client and leaks the users IP address. I am not yet aware of it being used in the wild. However, it shows that AtlasVPN does not take their users safety serious, because their software security decisions suck so massively that its hard to believe this is a bug rather than a backdoor"

#Linux #CoSoSec

AtlasVPN Linux Client 1.0.3 IP Leak Exploit

https://seclists.org/fulldisclosure/2023/Sep/0