Security Leftovers
-
‘Pig butchering’ scams on the rise, luring victims with promises of relationships and riches
These types of scams that seek to dupe unsuspecting targets can leave victims financially and emotionally devastated.
-
Kimmel Center, Philadelphia Orchestra websites hit by cyber attack
A cyber attack Friday crippled ticket sales and ticketing functions at the city’s largest arts presenter. Websites for the Kimmel Center and Philadelphia Orchestra were down, and patrons were left with scant information about the exact nature of the disruption.
-
Pepsi Bottling Ventures suffers data breach after malware attack
Pepsi Bottling Ventures LLC suffered a data breach caused by a network intrusion that resulted in the installation of information-stealing malware and the extraction of data from its IT systems.
Pepsi Bottling Ventures is the largest bottler of Pepsi-Cola beverages in the United States, responsible for manufacturing, selling, and distributing popular consumer brands. It operates 18 bottling facilities across North and South Carolina, Virginia, Maryland, and Delaware.
-
B&G Foods attacked by Daixin Team; files leaked
A spokesperson for Daixin informs DataBreaches that B&G was locked on February 4. On inquiry, Daixin’s spokesperson wasn’t sure whether they had encrypted all backups and stated that the firm could have recovered. When asked how they had contacted B&G and whether B&G ever responded, Daixin told DataBreaches that they had left notes on the local network and sent several communications, but B&G did not appear in the chat to respond or try to negotiate.
-
Finnish minister's WhatsApp hacking, Marin meme sending remain a mystery
"I know I didn't send [the meme] myself because I was busy at the time," minister Lintilä told a regional paper over the weekend.
-
I Solemnly Swear My Driver Is Up to No Good: Hunting for Attestation Signed Malware [iophk: Windows TCO]
Mandiant has continually observed threat actors use compromised, stolen, and illicitly purchased code-signing certificates to sign malware, lending legitimacy and subverting security controls such as application allow-listing policies. Attestation signed drivers take the trust granted to them by the CA and transfer it to a file whose Authenticode signature originates from Microsoft itself. We assess with high confidence that threat actors have subverted this process using illicitly obtained EV code signing certificates to submit driver packages via the attestation signing process, and in effect have their malware signed by Microsoft directly.