Security Leftovers

posted by Roy Schestowitz on Apr 06, 2023,
updated Apr 06, 2023

• FBI seizes notorious cybercrime forum Genesis Market in ‘Operation Cookie Monster’

  The Federal Bureau of Investigation and numerous international authorities have seized the websites belonging to Genesis Market, an infamous source of stolen account data for hackers worldwide, alongside numerous arrests worldwide.

• Android’s April 2023 Updates Patch Critical Remote Code Execution Vulnerabilities

  Android’s April 2023 security updates were released this week with patches for two critical-severity vulnerabilities leading to remote code execution.

• FBI obtained detailed database exposing 60,000 users of the cybercrime bazaar Genesis Market

  The seizure comes along with the arrest of nearly 120 people around the world, including Americans, officials said.

• 120 Arrested as Cybercrime Website Genesis Market Seized by FBI

  The FBI has seized Genesis Market, a major cybercrime website offering stolen device fingerprints.

• Chinese site selling stolen accounts found exposing 600,000 records including customer information

  A Chinese site that sells stolen accounts and personal information has been found to have exposed over 600,000 records of stolen data and customer information. Detailed by security researcher Jerimiah Fowler at vpnMentor, the site is called Z2U and operates as a gaming market.

• Tax Return Filing Service eFile.com Caught Serving Malware

  Online tax return filing service eFile.com was injected with malicious JavaScript code serving malware to visitors.

• Chrome 112 Patches 16 Security Flaws

  Chrome 112 was released to the stable channel this week with 16 security fixes, including 14 for vulnerabilities reported by external researchers.

• Google threat analysis researchers detail activities of North Korean ‘Archipelago’ hackers

  Google LLC's Threat Analysis Group today released new information on a subset of the North Korean hacking group known as APT43 and what it's doing to protect users from this group.

• 'One Of The World's Largest' Cybercrime Markets, Believed To Be Located In Russia, Shut Down

  International police have shut down what they called "one of the world's largest" online markets dealing in millions of stolen identities and account details, Europol and U.S. officials said on April 5.

• FBI (and Others) Shut Down Genesis Market

  Genesis Market is shut down:

  [...]

  But earlier today, multiple domains associated with Genesis had their homepages replaced with a seizure notice from the FBI, which said the domains were seized pursuant to a warrant issued by the U.S. District Court for the Eastern District of Wisconsin...

• Ten Australians held after takedown of illegal cyber credentials market

  Queensland Police Service and Victoria Police on Thursday said the investigation that led to the seizure of the site had been led by the FBI and assisted by the AFP, NSW Police Force, Victoria Police, Queensland Police Service and Western Australia Police Force.

  It said at the time the site was taken down, it was offering access to more than 1.5 million compromised computers, each containing information for dozens of accounts.

  Genesis offered login credentials, browsing history, autofill form data and other sensitive data taken from compromised devices.

• Something to Always Keep in Mind

  I don’t write about my employment. A few people have contacted me since I started blogging to ask if I worked for a specific tech company. And my answer will always be the same: Radio silence.

  Part of what makes blogging here fun for me is that I’m not bound by any obligations to any company.

  When I publish security vulnerabilities, it’s in the interest of protecting end users from the products and services that could harm them. I don’t give a damn if the company in question gets egg on their face. I similarly don’t give a damn if I make them look good. Not my circus.

• Strengthening Linux Security: Enforcing Strong Password Policies for Users

  In a world where cyber threats are constantly evolving, securing your Linux environment is crucial to protect sensitive data and system resources. One of the most effective ways to enhance security is by enforcing strong password policies for users.

• Overcoming Challenges of Air-Gapped Kubernetes

  Military and intelligence agencies, hospitals and corporations all deploy air-gapped environments to protect their sensitive information from breaches and theft. An air-gapped environment aims to isolate and limit access to classified and sensitive data.

• Nexx Ignores Vulnerabilities Allowing Hackers to Remotely Open Garage Doors

  Nexx has ignored repeated attempts to report critical product vulnerabilities that can be exploited to remotely open garage doors, and take control of alarms and smart plugs.