Security News > 2022 > October

Education tech giant gets an F for security after sensitive info on 40 million users stolen
2022-10-31 22:54

Sloppy data security at education tech giant Chegg exposed students and workers' personal information not once but four times in various ways over four years, according to the FTC. In response, the American consumer watchdog today ordered the company to better protect data, including encrypting sensitive information, providing multi-factor authentication to users and employees, limiting the amount of personal information it collects and retains, and training staff on security practices. Per an FTC order [PDF], the tech firm also has to notify "Each individual whose unencrypted Social Security number, financial account information, date of birth, user account credentials, or medical information was exposed" within the next 60 days.

Psychotherapy extortion suspect: arrest warrant issued
2022-10-31 19:59

That's how the data breach saga apparently unfolded at an infamous Finnish healthcare provider, now bankrupt, called Psychotherapy Centre Vastaamo. Early in October 2022, the Helsinki Times reported that the former CEO of Psychotherapy Centre Vastaamo, Ville Tapio, will himself face charges over what it described as a "Data protection offence information security vulnerabilities that resulted in a leak of sensitive information on thousands of patients".

Mozilla Firefox fixes freezes caused by new Windows 11 feature
2022-10-31 19:19

Mozilla has fixed a known issue causing the Firefox web browser to freeze when copying text on Windows 11 devices where the Suggested Actions clipboard feature is enabled. The issue impacts Firefox users running Microsoft's latest OS release, Windows 11, version 22H2, where this new feature is enabled by default.

Hackers selling access to 576 corporate networks for $4 million
2022-10-31 18:45

A new report shows that hackers are selling access to 576 corporate networks worldwide for a total cumulative sales price of $4,000,000, fueling attacks on the enterprise. Initial access brokers are hackers who sell access to corporate networks, usually achieved through credential theft, webshells, or exploiting vulnerabilities in publicly exposed hardware.

Chegg sued by FTC after suffering four data breaches within 3 years
2022-10-31 18:07

The U.S. Federal Trade Commission has sued education technology company Chegg after it exposed the sensitive information of tens of millions of customers and employees in four data breaches suffered since 2017. The agency's proposed order would require Chegg to shore up data security, implement multifactor authentication to help users secure their accounts, limit collected and stored customer data, and allow customers to access and delete their data.

The White House's global ransomware summit couldn't come at a better time
2022-10-31 17:30

The White House has begun its second annual International Counter Ransomware Summit in which Biden administration officials will convene with representatives of three dozen nations, the EU, and private business to discuss the growing threat posed by data-destroying cyber attacks. According to administration officials previewing the Summit over the weekend, the two-day event will focus on priorities like improving system resilience and developing better plans to disrupt ransomware actors in the planning phases of digital assaults.

Instagram account suspension wave hits users
2022-10-31 17:04

Clicking on the "Disagree with decision" button led users to either a perpetually loading screen, a "Try again later" message, or a request to enter their username, password and security code to verify their account. Some were automatically logged out and, after trying to log in again, are being told by Instagram that the account with that email address or phone number does not exist.

NSA shares supply chain security tips for software suppliers
2022-10-31 16:54

NSA, CISA, and the Office of the Director of National Intelligence have shared a new set of suggested practices that software suppliers can follow to secure the supply chain. "Prevention is often seen as the responsibility of the software developer, as they are required to securely develop and deliver code, verify third party components, and harden the build environment. But the supplier also holds a critical responsibility in ensuring the security and integrity of our software," the NSA said on Monday.

Ordinary web access request or command to malware?
2022-10-31 16:30

A threat group that targets corporate emails is delivering dropper malware through a novel technique that uses Microsoft Internet Information Services logs to send commands disguised as web access requests. The dropper, dubbed Geppei, is being used by a group Symantec threat researchers call Cranefly to install other undocumented malware.

Hacking group abuses antivirus software to launch LODEINFO malware
2022-10-31 15:34

The Chinese Cicada hacking group, tracked as APT10, was observed abusing security software to install a new version of the LODEINFO malware against Japanese organizations. The cybersecurity company has published two reports, one illustrating APT10's new infection chain techniques and a second focusing on the evolution of LODEINFO.