Twitter Removes Source Code Leaked on GitHub By Suspected Former Employee
Twitter has removed source code used for its systems that is suspected to have been released on GitHub by a former employee. Twitter also submitted a subpoena request in California’s court system, hoping to compel GitHub to release user data that would point to the culprit as well as to other people who could have downloaded the code.
Last March 31, GitHub responded to Twitter’s Digital Millennium Copyright Act (DMCA) infringement notice because the leak divulged Twitter’s proprietary source code, which could expose vulnerabilities in its platform and tools. Competitors of Twitter could also use the leaked code to gain a business advantage.
According to a New York Times report, the date when the code was leaked is uncertain, but “it appeared to have been public for at least several months.”
Spyware-Enabling Android And iOS Zero-Day Vulnerabilities Continue To Be Discovered By Google
The Threat Analysis Group (TAG) from Google continues to encounter multiple exploit paths using Android and iOS zero-day vulnerabilities that enable spyware and malicious apps to be downloaded on the devices of targeted users.
The malicious actors attacked Android and Apple users with distinct exploit chains as early as November of last year.
Their method involved sending SMS messages that take the victims to pages triggering exploits that abuse an iOS WebKit remote code execution zero-day and a sandbox escape bug. They then redirect the victims to real shipment websites using bit.ly shortened links.
They also place a payload on affected iOS devices and this enables them to determine the location of the victims and install .ipa files.
Malware Targeting Apple’s macOS Steals Loads Of Data From Apple Users
Apple macOS users have discovered that their documents, passwords, and other information were obtained by data-stealing malware. Nicknamed “MacStealer,” the malware is purported to be able to steal cryptocurrency wallets and browser-stored data, including credit card details and passwords to online accounts.
MacStealer is apparently priced at only $100 per build on the dark web. Infection vectors for this malware include websites for pirated materials, bogus apps in app stores, and email attachments.
The Apple operating systems targeted by this malware include macOS Catalina and versions that run on Intel, M1, and M2 CPUs.
To deliver this malware, the threat actors lure their victims into downloading .DMG files that serve as containers for macOS applications. Once downloaded, a fake password prompt shows up to steal the user’s real password. MacStealer then stores the stolen password in the compromised system’s temporary folder (TMP), where subsequently stolen data will also be stored.
GoAnywhere Data Breach Leads To Ransom Demanded From Crown Resorts Gaming Company
Crown Resorts, the biggest casino and entertainment company in Australia, has affirmed that it was the victim of a data breach when its GoAnywhere file-sharing server was attacked using a zero-day vulnerability. Crown Resorts operates in Sydney, Melbourne, Perth, and London and has a yearly revenue of more than $8 billion.
The Russia-connected Clop ransomware gang is identified as the one responsible for the breach. This gang is known to have moved their operations last year from encrypting files to data extortion attacks.
Crown is now on the list of organizations that have been affected by the GoAnywhere vulnerabilities. Other affected organizations include Procter & Gamble, the Toronto city government, Hatch Bank, and Hitachi Energy.
Crown maintains that there was no sensitive customer data stolen in the breach and its operations have not been affected.
Fortra, the maker of the GoAnywhere file transfer software, is currently battling a class action lawsuit in the United States where it is charged with a failure to maintain sufficient cybersecurity measures to protect sensitive data stored in its system.
1) For those looking for easy enrollment of a high volume of email signing and encryption S/MIME certificates for company staff members, Enterprise PKI (EPKI) Agreement is now available for Individual Validation + Organization Validation (IV+OV) S/MIME certificate validation. An Enterprise PKI (EPKI) Agreement allows an authorized representative to assume responsibility for retaining and validating identity evidence of employees or contractors within a company or organization, enabling a single validation process for an entire organization. Click this link to learn more about the EPKI Agreement Setup.
2) SSL.com’s Document Signing Watch Folder service is now available for our customers. This is a digital signing service for Windows and Linux that can be used to sign bulk volumes of electronic documents (including PDFs) by simply placing them into a local folder. Click here to learn more about the Document Signing Watch Folder service.
3) With input from most of its membership, the CA/Browser Forum is changing the OV & IV Code Signing Key Storage Requirements. The change date is June 1, 2023. OV & IV Code Signing Certificates will be issued on Yubico USB Tokens or available via the SSL.com eSigner cloud signing service. Additional information on this change can be found on the CA/Browser Forum website. Learn more about the SSL.com eSigner cloud code signing solution: https://www.ssl.com/esigner/.