Security News > 2022 > October
Joe Sullivan, who was Chief Security Officer at Uber from 2015 to 2017, has been convicted in a US federal court of covering up a data breach at the company in 2016. We first wrote about the breach behind this widely-watched court case back in November 2017, when news about it orignally emerged.
Meta has sued several Chinese companies doing business as HeyMods, Highlight Mobi, and HeyWhatsApp for developing and allegedly using "Unofficial" WhatsApp Android apps to steal over one million WhatsApp accounts starting May 2022. Once installed, the apps used bundled malware to harvest sensitive info, including account authentication, to hijack their WhatsApp accounts to send spam messages.
The FBI and the US government's Cybersecurity and Infrastructure Security Agency claim any foreign interference in the 2022 US midterm elections is unlikely to disrupt or prevent voting, compromise ballot integrity, or manipulate votes at scale. The agencies also took the time to explain how US election systems are secured using "a variety of technological, physical, and procedural controls to mitigate the likelihood of malicious cyber activity" that could affect "Election infrastructure systems or data that would alter votes or otherwise disrupt or prevent voting."
The FBI and Cybersecurity and Infrastructure Security Agency claim any foreign interference in the 2022 US midterm elections is unlikely to disrupt or prevent voting, compromise ballot integrity or manipulate votes at scale. Despite popular narratives in some political circles that the 2020 election was insecure and fraudulent, there hasn't been any evidence to suggest that, the FBI and CISA said in the PSA. The agencies also took the time to explain how US election systems are secured using "a variety of technological, physical, and procedural controls to mitigate the likelihood of malicious cyber activity" that could affect "Election infrastructure systems or data that would alter votes or otherwise disrupt or prevent voting."
Microsoft says the Windows 11 2022 Update is breaking provisioning, leaving Windows 11 enterprise endpoints partially configured and failing to finish installing. "Using provisioning packages on Windows 11, version 22H2 might not work as expected," Redmond explained.
Cloud security plays a key role in this transition and journey to cloud, and it involves examining an organization's data processing and storage practices to outline unique strategies for protecting data. Using the best cloud security practices is essential for any organization because of the severe reputational consequences of not doing so.
South Korea issued a publicly available notice on Wednesday to wanted man and Terraform Labs founder Do Kwon, demanding he return his passport. The Ministry of Foreign Affairs disclosure [PDF] said that officials were unable to serve the notice to Kwon so had confirmed on its website that it was invalidating his passport and requesting its return within 14 days.
How to add an extra layer of protection in Bitwarden vault items. There is a measure of responsibility on the end user to not only use strong passwords but not repeat passwords and keep a check on breaches-all of which Bitwarden does very well.
Linux users have reported seeing weird white flashes and rapid blinking on their Intel laptop displays after upgrading to Linux kernel version 5.19.12, leading to warnings that the bug may damage displays. Besides being a visual annoyance, the unexpected screen flickering prevents users from doing anything on their systems, and Intel Linux kernel engineer Ville Syrjäl warns that it could also damage the display.
The threat actor behind the malware-as-a-service called Eternity has been linked to new piece of malware called LilithBot. "The group has been continuously enhancing the malware, adding improvements such as anti-debug and anti-VM checks."