Snitches Get Stitches
First up this week, we have hackers exploiting a new toolset — the power of the federal government, specifically the SEC. From BleepingComputer.com:
Ransomware gang files SEC complaint over victim’s undisclosed breach
It’s news to me that SEC-reporting companies have to disclose data breaches within four days. The poor hackers don’t even have a response from the hacked company yet. How do they expect them to meet a four day deadline? LOL
The company in question is MeridianLink. Who knows, maybe this is someone with a short position talking their book. There’s another article that Bleeping Computer is referring to at DataBreaches.net:
AlphV files an SEC complaint against MeridianLink for not disclosing a breach to the SEC (2)
This article adds some detail that Bleeping Computer left out. You can see all the details of the SEC filing there.
Malware Can Restore Your Expired Google Session Cookies
Here’s one to be aware of, it hasn’t been confirmed by Google yet, though there’s traces that Google locked down cookie functionality a bit in response to the problem:
Lumma malware can allegedly restore expired Google auth cookies
More on Lumma, are you a math whiz? Loved trig?
Then maybe there’s a future for you as a hacker! Here’s a mathy article, again from Bleeping Computer.
Lumma Stealer malware now uses trigonometry to evade detection
OK folks, that’s all I got today, this is the last post of the semester, so we’ll be back in 2024. Happy New Year, Merry Christmas, and whatever you may celebrate around the holidays, please do so safely, both online and offline.
See you next year.
Image credit “Chess Middlegame Puzzle – 3” by ChessNetwork is licensed under CC BY 2.0.