Engadget: Biden administration bans federal agencies from using commercial spyware. “In an executive order signed Monday, President Biden barred federal agencies from using commercial spyware that threatens US national security or carries a risk of improper use by foreign governments and individuals. “
Bleeping Computer: Dole discloses employee data breach after ransomware attack. “Fresh produce giant Dole Food Company has confirmed threat actors behind a February ransomware attack have accessed the information of an undisclosed number of employees. Dole employs around 38,000 people worldwide, providing fresh fruits and vegetables to customers in more than 75 countries.”
Bloomberg: Google Suspends Pinduoduo After Finding Malware in Versions. “Google has suspended PDD Holdings Inc.’s main Chinese shopping app Pinduoduo after discovering malware in unsanctioned versions of the software, dealing a blow to one of the country’s biggest online retailers.”
Tom’s Guide: Look out! These AI-generated YouTube tutorials are spreading dangerous malware. “According to a new report(opens in new tab) from the no-code platform CloudSEK, there has been a 200-300% month-to-month increase since November of last year of YouTube videos containing malicious links in their descriptions. These links take unsuspecting users to fake sites where their devices are infected with the Vidar, RedLine, Raccoon and other info-stealing malware.”
Bleeping Computer: Fruit giant Dole suffers ransomware attack impacting operations. “Dole Food Company, one of the world’ largest producers and distributors of fresh fruit and vegetables, has announced that it is dealing with a ransomware attack that impacted its operations.”
Search Engine Journal: WordPress Vulnerability: ShortPixel Enable Media Replace Plugin. “National Vulnerability Database published a vulnerability advisory about the ShortPixel Enable Media Replace WordPress plugin used by over 600,000 websites. A high severity vulnerability was discovered that could allow an attacker to upload arbitrary files. The United States Vulnerability Database (NVD) assigned the vulnerability a score of 8.8 out of 10, with 10 being the highest severity.”
Engadget: City of Oakland declares state of emergency in wake of ransomware attack. “While Oakland previously assured residents that 911 dispatch and fire emergency services weren’t affected by the breach, its police department warned people that the attack has delayed response times. It’s now encouraging people to file reports online for non-emergency complaints. Oakland also had to close some of its buildings and is now asking people to email government offices’ service counters before coming to visit.”
Ars Technica: ~11,000 sites have been infected with malware that’s good at avoiding detection. “Nearly 11,000 websites in recent months have been infected with a backdoor that redirects visitors to sites that rack up fraudulent views of ads provided by Google Adsense, researchers said.”
Ars Technica: Hackers are selling a service that bypasses ChatGPT restrictions on malware. “Hackers have devised a way to bypass ChatGPT’s restrictions and are using it to sell services that allow people to create malware and phishing emails, researchers said on Wednesday.”
NBC Bay Area: City of Oakland Hit With Ransomware Attack. “Oakland was the victim of a ransomware attack that began Wednesday night, police and city officials said Friday. The city’s information technology department is working with law enforcement to determine the scope and severity of the attack.”
Ars Technica: Until further notice, think twice before using Google to download software. “Searching Google for downloads of popular software has always come with risks, but over the past few months, it has been downright dangerous, according to researchers and a pseudorandom collection of queries.”
WIRED: The Untold Story of a Crippling Ransomware Attack. “Today, more than two years later, Hackney Council is still dealing with the colossal aftermath of the ransomware attack. For around a year, many council services weren’t available. Crucial council systems—including housing benefit payments and social care services—weren’t functioning properly. While its services are now back up and running, parts of the council are still not operating as they were prior to the attack.”
Bleeping Computer: Shady reward apps on Google Play amass 20 million downloads. “The applications promote themselves as health, pedometer, and good habit-building apps, promising to give users random rewards for staying active in their daily lives, reaching distance goals, etc. According to a report by the Dr. Web antivirus, though, the rewards may be impossible to cash out or are only made available partially after forcing users to watch a large number of advertisements.”
CNN: FBI seizes website used by notorious ransomware gang. “FBI officials since July have had extraordinary access to the so-called Hive ransomware group’s computer networks, FBI Director Christopher Wray said at a news conference, allowing the bureau to pass computer ‘keys’ to victims so that they could decrypt their systems and thwart $130 million in ransom payments.”
Ars Technica: Ransomware victims are refusing to pay, tanking attackers’ profits. “Two new studies suggest that ransomware isn’t the lucrative, enterprise-scale gotcha it used to be. Profits to attackers’ wallets, and the percentage of victims paying, fell dramatically in 2022, according to two separate reports.”
The ResearchBuzz Firehose is regular RB content presented as individual posts.
For digest-type posts a couple of times a day, please visit ResearchBuzz.
Want to know how to best use the Firehose for content discovery?
Check out this handy article.