Security News > 2022 > September

A ruling handed down from the Delhi High Court this week declared that Telegram must hand over information such as IP addresses, mobile numbers, and devices used by channels on the platform involved in copyright infringement. On behalf of Telegram, the platform's senior counsel, Amit Sibal, said that the arrangement already in place directing Telegram to take down the infringing channels was "Sufficient to protect the interest of the plaintiffs."

A combination of ransomware and distributed denial-of-service attacks, the onslaught disrupted government services and prompted the country's electrical utility to switch to manual control. But the attack against Montenegro's infrastructure seemed more sustained and extensive, with targets including water supply systems, transportation services and online government services, among many others.

NFL's San Francisco 49ers are mailing notification letters confirming a data breach affecting more than 20,000 individuals following a ransomware attack that hit its network earlier this year. The San Francisco Bay Area professional American football team confirmed that personal information belonging to 20,930 impacted individuals was accessed and/or stolen in the attack between February 6 and February 11, 2022.

More details have emerged about the operators behind the first-known phishing campaign specifically aimed at the Python Package Index, the official third-party software repository for the programming language. The attacks received a significant facelift last month when the JuiceLedger actors targeted PyPi package contributors in a phishing campaign, resulting in the compromise of three packages with malware.

According to recent studies, developers spend more time maintaining, testing and securing existing code than they do writing or improving code. Security vulnerabilities have a bad habit of popping up during the software development process, only to surface after an application has been deployed.

In another finding that could expose developers to increased risk of a supply chain attack, it has emerged that nearly one-third of the packages in PyPI, the Python Package Index, trigger automatic code execution upon downloading them. "A worrying feature in pip/PyPI allows code to automatically run when developers are merely downloading a package," Checkmarx researcher Yehuda Gelb said in a technical report published this week.

Researchers have identified functional similarities between a malicious component used in the Raspberry Robin infection chain and a Dridex malware loader, further strengthening the operators' connections to the Russia-based Evil Corp group. The findings suggest that "Evil Corp is likely using Raspberry Robin infrastructure to carry out its attacks," IBM Security X-Force researcher Kevin Henson said in a Thursday analysis.

Akamai's security research team examined potentially compromised devices, discovering that 12.3% communicated with domains associated with malware or ransomware during Q2 2022. This Help Net Security video uncovers how malicious DNS traffic affects people on the other end of the internet connection.

A "Major" security issue in the Google Chrome web browser, as well as Chromium-based alternatives, could allow malicious web pages to automatically overwrite clipboard content without requiring any user consent or interaction by simply visiting them. The clipboard poisoning attack is said to have been accidentally introduced in Chrome version 104, according to developer Jeff Johnson.

As part of digital transformation, more and more organizations are transforming their application using cloud native architecture to become more agile and accelerate time to market. They are increasingly adopting containers and Kubernetes to do so.