Security News > 2022 > September

Google and its YouTube subsidiary have joined other social media networks pledging to keep the 2022 US midterm elections safe and free from Russian trolls - and anyone else spewing democracy-damaging disinformation - by taking down such content. The election strategies follow Google's move to ban MAGA message-board Truth Social from its Play store until the app removes content that incites violence.

iStock has over 13,000 royalty-free images of squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.

A US man has admitted he broke the law when he used 3D printers to make components converting semi-automatic guns to full auto. Kent Edward Newhouse, 41, a convicted felon of Jacksonville, Mississippi, pleaded guilty [PDF] to two counts of being a felon in possession of a firearm and one count of engaging in business as a manufacturer of firearms.

The BlackCat/ALPHV ransomware gang claimed responsibility for an attack that hit the systems of Italy's energy agency Gestore dei Servizi Energetici SpA over the weekend. A GSE spokesperson disclosed that its website and systems were taken down to block the attackers from gaining access to the data after detecting the attack on Sunday night-GSE's website is still down, almost a week after the incident.

Cybercriminals using Prynt Stealer to collect data from victims are being swindled by the malware developer, who also receives a copy of the info over Telegram messaging service. Prynt Stealer can steal cryptocurrency wallet information, sensitive info stored in web browsers, VPN account data, cloud gaming account details.

Electronics giant Samsung has confirmed a new data breach today after some of its U.S. systems were hacked to steal customer data. Samsung later discovered on August 4 that customer personal information was accessed and exfiltrated out of its network.

US mobile carriers know a lot about where their customers are located, and according to letters sent to the Federal Communications Commission, they routinely store such data for years, willingly hand it over to law enforcement if served a proper subpoena, and say users can't opt out. News that cellular carriers are storing sensitive location data isn't surprising given previous actions taken against AT&T, Verizon, T-Mobile US and Sprint by the FCC in 2020 for selling location data to third parties.

Damart, a French clothing company with over 130 stores across the world, is being extorted for $2 million after a cyberattack from the Hive ransomware gang. Damart has not engaged in negotiations with the cybercriminals yet but informed the national police of the incident, which makes it unlikely that Hive would receive a payment.

Damart, a French clothing company with over 130 stores across the world, is being extorted for $2 million after a cyberattack from the Hive ransomware gang. A report from Valéry Marchive, who was able to retrieve a leaked ransom note and published details on LeMagIT, notes that the hackers are not willing to negotiate and expect parent company Damartex to pay the full ransom.

Researchers discovered a private Telegram channel-based backdoor in the information stealing malware, dubbed Prynt Stealer, which its developer added with the intention of secretly stealing a copy of victims' exfiltrated data when used by other cybercriminals. Prynt Stealer, which came to light earlier this April, comes with capabilities to log keystrokes, steal credentials from web browsers, and siphon data from Discord and Telegram.