Cyber attack disrupts esports, Qbot overtakes Emotet, CircleCI breached
Cyber attack disrupts esports event
Organizers of the 24 Hours of Le Mans Virtual esports event confirmed that it suffered a “suspected security breach” across two servers used in the event. This resulted in several drivers getting disconnected and thrown out of the game, including current Formula 1 World Champion Max Verstappen, who led the event at the time he got booted. Race organizers said they will take actions to increase security and aim to restart race activities as soon as possible.
(BitDefender)
Qbot overtakes Emotet
Check Point released its Global Threat Index for December 2022, finding that the Qbot trojan overtook the Emotet botnet as the most prevalent malware in the wild, hitting 7% of global organizations. Among other trends found in the report, the Glupteba blockchain Trojan botnet returned to the top 10 for the first time since July, and the Android ad-distributor malware Hiddad rose to the top three in mobile malware. Overall, Check Point found a growing trend of malware masquerading as legitimate software to let attackers access systems without raising suspicions.
CircleCI breach caused by infostealer
The continuous integration platform confirmed it experienced a data breach on January 4th. Infostealing malware on an employee laptop resulted in the leaked data. As a result, attackers were able to capture a valid 2FA-backed single sign-on session on December 16th. The antivirus software on the laptop did not detect the malware. Due to the employee's access, attackers were able to access some production systems. CircleCI encrypted the accessed data, but the attacker extracted encryption keys from a running process. The company said it closed the attack vector and added additional layers of security.
Twitter cuts off third-party clients
Last week, users of some third-party Twitter clients began to report seeing errors with Twitter’s API, resulting in the clients no longer updating. At the time of this recording, the company and CEO Elon Musk did not comment on the outage. It remained unclear if this occurred due to a technical issue, not impossible given Twitter’s recent mass layoffs. However, The Information reports that according to an internal Slack message, “Third-party app suspensions are intentional.” Slack messages also show Twitter “started to work on comms” regarding revoking this access, but had no estimate when it would be ready.
Didi cleared to register new users
Since China launched its crackdown on Big Tech companies in 2021, Didi Global remained in the government’s regulatory crosshairs. Following a listing on the New York Stock Exchange, the Cyberspace Administration of China required the firm to undergo a “cybersecurity review.” This required it to delist from the exchange, stop accepting new registrations for new users, and delist its apps from app stores. After paying record fines last year, the company now says regulators cleared it to register new users for its core ride hailing services. The company said it took measures to ensure platform safety and data security, and safeguard national cyberspace security.
(Reuters)
Binance freezes crypto withdrawal by Lazarus Group
Last summer, security researchers tied the North Korean threat organization Lazarus Group to an attack on the Horizon bridge used by the blockchain company Harmony. The attack exfiltrated roughly $100 million worth of crypto assets. Now Binance reported it detected the group trying to launder funds through the Huobi exchange. It contacted the exchange and worked together to freeze and recover 121 Bitcoin, worth about $2.5 million. Cryptocurrency investigator ZachXBT noted that over the weekend, the group moved about 41,000 Ether, worth about $64 million, before Binance detected any activity.
China leads in AI research
We cover a lot of potential malicious use cases of emerging AI systems. Most of the ones we cover come from companies with ties to the US. However, a new study from Nikkei and the Dutch scientific publisher Elsevier found that of AI-related academic papers published in 2021, China produced about 31%, 43,000 papers, almost double the papers from the US. China also led in the most cited papers, accounting for 7,401 of the top 10% of citations by other papers. Overall, academic papers on AI increased from about 25,000 in 2012 to about 135,000 in 2021.
(Nikkei)
US to launch third “Hack the Pentagon” bug bounty
The US Department of Defense initially ran the bug bounty program in 2016 and has not operated it since a second initiative in 2018. DOD confirmed it will launch a third iteration. This will focus on finding vulnerabilities in the Facility Related Controls System (FRCS) network. FRCS infrastructure monitors systems used at government facilities, controlling fire and safety systems, HVAC, and physical security. The department will work with trusted contractors on the program, providing access to assets for a 72-hour “challenge phase” window. The program will only operate on unclassified systems and operational technology.