Twitter data leak, Uber hit with another breach, Chinese crypto gang arrest – CISO Series

Posted under Programming, Technology by James Steward

On Friday, Twitter confirmed that earlier this year someone had potentially exploited a vulnerability that Twitter discovered back in January but took until June to fix. The flaw enabled someone submitting an email address to Twitter’s systems to find an associated phone number (if one existed) and vice versa. Twitter learned that the vulnerability had been exploited when it discovered the stolen information up for sale. Twitter confirmed that no passwords were exposed, but recommends that users enable 2-factor authentication (2FA) to protect accounts from unauthorized logins.
(Infosecurity Magazine)
Uber has suffered a sensitive data leak as a result of cyber-criminals gaining access to the AWS backup server of their third-party vendor, Teqtivity. Data leaked on a dark web forum appears to include source code associated with mobile device management platforms (MDM) used by Uber, Uber Eats and third-party vendor services. Operating under the pseudonym “UberLeaks,” the threat actors created four separate posts on the forum, each attributed to a different member of the infamous Lapsus$ hacking group.
(Infosecurity Magazine)
Chinese authorities have arrested 63 people accused of laundering as much as 12 billion Chinese yuan ($1.7 billion) via cryptocurrency. Starting in May 2021, the criminal gang allegedly took the proceeds from illicit sources including pyramid schemes, fraud and gambling and converted them into the cryptocurrency tether, a stablecoin that is pegged one-to-one with the US dollar. The gang allegedly used the messaging service Telegram, which is blocked in China, to recruit Chinese citizens to open crypto accounts to help launder the funds. Authorities say that, so far, they’ve confiscated more than 130 million Chinese yuan from the gang.
On Monday, California’s Cybersecurity Integration Center (Cal-CSIC) confirmed that the state’s Department of Finance had fallen victim to a cyber-attack. The Cal-CSIC did not reveal specifics about the attack, but the Russia-affiliated ransomware group LockBit has claimed responsibility. LockBit claims to have stolen 76GB of data, including IT and financial documents, confidential data and “sexual proceedings in court.” The group added that the Department of Finance has until December 24 to pay up before it publishes a cache of stolen files.
(Infosecurity Magazine)
Meta said that it’s planning to share its Hasher Matcher Actioner tool with other companies in an effort to combat terrorism and human trafficking across the internet. The tool finds duplicated images that violate its terms of service by matching image hashes, or digital fingerprints. Meta’s announcement comes as the company enters its yearlong chairmanship of the Global Internet Forum to Counter Terrorism (GIFCT). While releasing open-source software is critical in limiting the places where violating content can appear, it remains unclear how this will affect content on the dark web.
(ABC News)
Google has launched a new tool that allows developers to scan for vulnerabilities in the open-source software dependencies used in their projects. The OSV Scanner draws its data from OSV, the distributed vulnerability database for open source code that Google released in February 2021. The scanner automatically matches every dependency of a given software project against the database and notifies developers when a security update is required. Google says the next step for OSV Scanner is to improve C/C++ vulnerability support. OSV Scanner is free for everyone to use without restrictions and can be downloaded via GitHub or the website.
(Bleeping Computer)
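To show how an OSV-style scanner decides that a pinned dependency needs a security update, here is an added example (not OSV Scanner’s or Google’s own code): it replays OSV “affected” range events against a lockfile. The vulnerability records, IDs, package names and lockfile below are all constructed placeholders, not real advisories.

```python
# Added example of OSV-style dependency matching. The records below are constructed
# in the shape of the OSV schema; the IDs and package names are placeholders.

def parse_version(v: str) -> tuple:
    # Dotted numeric versions compared component-wise ("1.10.2" > "1.9").
    return tuple(int(p) for p in v.split("."))

def version_in_range(version: str, events: list) -> bool:
    """Replay an OSV range: 'introduced' opens an affected window, 'fixed' or
    'last_affected' closes it; 'introduced': '0' means affected since the first release."""
    v, affected = parse_version(version), False
    for e in events:  # OSV lists events in ascending version order
        if "introduced" in e and v >= parse_version(e["introduced"]):
            affected = True
        elif "fixed" in e and v >= parse_version(e["fixed"]):
            affected = False
        elif "last_affected" in e and v > parse_version(e["last_affected"]):
            affected = False
    return affected

def scan(lockfile: dict, ecosystem: str, vulns: list) -> list:
    """Match pinned dependencies against records; report the next version that fixes each hit."""
    findings = []
    for name, version in lockfile.items():
        for vuln in vulns:
            for aff in vuln.get("affected", []):
                pkg = aff.get("package", {})
                if pkg.get("ecosystem") != ecosystem or pkg.get("name") != name:
                    continue
                ranges = [r for r in aff.get("ranges", []) if r["type"] in ("SEMVER", "ECOSYSTEM")]
                # Either an enumerated version or a range match counts as affected.
                if version in aff.get("versions", []) or any(version_in_range(version, r["events"]) for r in ranges):
                    fixes = [e["fixed"] for r in ranges for e in r["events"]
                             if "fixed" in e and parse_version(e["fixed"]) > parse_version(version)]
                    findings.append({"package": name, "version": version, "id": vuln["id"],
                                     "fixed_in": min(fixes, key=parse_version) if fixes else None})
    return findings

# Constructed OSV-shaped records (placeholder IDs/packages) and a constructed lockfile.
SAMPLE_VULNS = [
    {"id": "EXAMPLE-0001", "affected": [{"package": {"ecosystem": "PyPI", "name": "example-lib"},
        "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "1.0.0"}, {"fixed": "1.2.0"},
                                                    {"introduced": "2.0.0"}, {"fixed": "2.1.0"}]}]}]},
    {"id": "EXAMPLE-0002", "affected": [{"package": {"ecosystem": "PyPI", "name": "unpatched-lib"},
        "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}]}]}]},
]
SAMPLE_LOCKFILE = {"example-lib": "2.0.5", "other-lib": "3.3.1", "unpatched-lib": "0.4.0"}

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOCKFILE, "PyPI", SAMPLE_VULNS):
        print(finding)
```

A record with no “fixed” event (EXAMPLE-0002 above) is the case where the scanner can flag the dependency but cannot name an update, which is how unpatched advisories surface.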
Yesterday, Microsoft issued its December 2022 Patch Tuesday updates, which featured fixes for 49 bugs including two zero-day vulnerabilities. The first of the zero-days is a Windows SmartScreen Security Feature Bypass Vulnerability (CVE-2022-44698) that is under active exploitation. The second is a DirectX Graphics Kernel Elevation of Privilege bug (CVE-2022-44710) for which a public exploit is available. Overall, six of the 49 vulnerabilities fixed in the update are classified as ‘Critical’ because they allow remote code execution.
Meanwhile, Citrix has issued security updates for a ‘Critical’ zero-day vulnerability (CVE-2022-27518) in Citrix ADC and Gateway that state-sponsored hackers are actively exploiting to gain access to corporate networks.
And finally, Apple has confirmed that its November 30th iOS update 16.1.2 addressed a zero-day security vulnerability in WebKit, the browser engine that powers Safari and other apps. Apple indicates that the bug is now being actively exploited.
(Bleeping Computer [1][2] and TechCrunch)
Twitter’s former CEO and co-founder Jack Dorsey has responded to #TwitterFiles, which have opened a flood of scrutiny on Twitter’s past content moderation practices. Dorsey asserts that social media platforms must be resilient to corporate and government influence and that only the original authors should be allowed to remove their content. He added that moderation should be localized (instead of centralized) and allow users to shape their own algorithms. Dorsey takes responsibility for not having implemented these principles during his tenure. The former CEO also addressed the suspension of Trump’s account, which he described as “the right thing for the public company business at the time, but the wrong thing for the internet and society.” Dorsey is advocating for an open internet and protocol work through a series of #startsmall grants kicking off next week with a $1 million per year grant to Signal.
Acting as a media network for cyber information and exchange, CISO Series is just a member of this fantastic community that unfortunately has some conflicts. We’re just putting ourselves at the center of the conversation, acting as couples counseling for security vendors and practitioners.

CISO Series: Delivering the most fun you’ll have in cybersecurity.
© 2021 CISO Series


