Notices by Lorenzo Franceschi-Bicchierai (lorenzofb@infosec.exchange)

NEW: Yahoo laid off around 25% of its cybersecurity team, known internally and in the industry as "The Paranoids," in the last year.

Company let go ~40 people out of ~200, according to multiple current and former Yahoo employees.

https://techcrunch.com/2024/12/12/yahoo-cybersecurity-team-sees-layoffs-outsourcing-of-red-team-under-new-cto/

NEW: Doughnut giant Krispy Kreme disclosed a cyberattack that it says has caused “certain operational disruptions, including with online ordering in parts of the United States.”

It's unclear at this point if this is a ransomware attack.

https://techcrunch.com/2024/12/11/krispy-kreme-discloses-cyberattack-that-is-disrupting-online-orders/

NEW: Security researchers have confirmed that iPhones running iOS 18 now automatically reboot if they are not unlocked for 72 hours.

The feature, called "inactivity reboot," will make life harder for thieves, law enforcement, and forensic experts trying to extract data from iPhones.

https://techcrunch.com/2024/11/14/new-apple-security-feature-reboots-iphones-after-3-days-researchers-confirm/

NEW: Cybersecurity giant Fortinet confirms data breach affecting “less than 0.3%” of customers. Based on company's latest earnings, that should be around 1,500 customers.

https://techcrunch.com/2024/09/13/fortinet-confirms-customer-data-breach/

NEW: Security researchers say they found evidence that Chinese government-linked hacking group Volt Typhoon used a zero-day to target ISPs in the U.S. and India.

The goal was to steal the credentials of the ISPs downstream customers, to do more targeted hacking.

“This wasn’t limited to just telecoms, but managed service providers and internet service providers,” said Mike Horka, the Black Lotus Labs' researcher who found the hacking campaign. “These central locations that they can go after, which then provide additional access.” Horka said these internet and networking companies are targets themselves, “very likely because of the access that they could potentially provide to additional downstream customers.”

https://techcrunch.com/2024/08/27/chinese-government-hackers-targeted-u-s-internet-providers-with-zero-day-exploit-researchers-say/

NEW: Microsoft revealed that the recent campaign by Russian government hackers, which resulted in the theft of emails from company executives and cybersecurity employees, was much broader.

The hackers also targeted an unspecified number of other companies, according to Microsoft.

But the company hasn't said how many yet.

https://techcrunch.com/2024/01/26/microsoft-says-russian-hackers-also-targeted-other-organizations/

NEW: 23andMe admitted that hackers broke into customers' accounts from April through September of 2023, and the company didn't detect the attacks.

It's unclear how many accounts were targeted, but hackers were successful breaking into 14,000 accounts, which in turn gave them access to personal data of 6.9 million customers.

Remember, 23andMe previously said this about the breach: "Users negligently recycled and failed to update their passwords following these past security incidents, which are unrelated to 23andMe [...] The incident was not a result of 23andMe’s alleged failure to maintain reasonable security measures."

https://techcrunch.com/2024/01/25/23andme-admits-it-didnt-detect-cyberattacks-for-months/

NEW: 23andMe is blaming customers for the data breach that affected 6.9 million customers.

We saw a letter 23andMe sent to a group of victims that is suing the company, which shows what strategy the company will use in these lawsuits: blame the victims.

NEW: 23andMe is blaming customers for the data breach that affected 6.9 million customers.

We saw a letter 23andMe sent to a group of victims that is suing the company, which shows what strategy the company will use in these lawsuits: blame the victims.

“Users negligently recycled and failed to update their passwords following these past security incidents, which are unrelated to 23andMe,” the letter reads. “Therefore, the incident was not a result of 23andMe’s alleged failure to maintain reasonable security measures.”

https://techcrunch.com/2024/01/03/23andme-tells-victims-its-their-fault-that-their-data-was-breached/

NEW: Bitcoin ATM company Coin Cloud got hacked at some point in the last year, but the hack is shrouded in mystery.

We spoke to the owner of the company that acquired Coin Cloud and he said the company "has been hacked multiple times in the past."

"It’s impossible to really say when the data was compromised or who did it. So many vendors and internal employees had access to it that it could have happened at many different times over the years,” he said.

https://techcrunch.com/2023/12/12/bitcoin-atm-company-coin-cloud-got-hacked/

NEW: After the terrorist attacks on Oct. 7, there has been a significant increase in honeypots deployed in Israel.

It's unclear who is deploying them, but it makes sense to deploy honeypots to keep an eye on hackers who may get involved in the conflict.

“I suspect folks learned the only way to really see what's happening is to spin up infrastructure and look,” one expert told us.

https://techcrunch.com/2023/11/20/thousands-of-new-honeypots-deployed-across-israel-to-catch-hackers/

NEW: As the war in Gaza continues, internet connectivity is getting worse and worse.

“The evidence of the crippled internet in Gaza is not hard to find. By every metric of internet connectivity, things are in bad shape,” internet monitoring expert Doug Madory told us.

NetBlocks and IODA are reporting that NetStream, a Gaza ISP, has an almost complete outage, and other ISPs aren't doing much better.

https://techcrunch.com/2023/10/27/internet-access-in-gaza-is-collapsing-as-isps-fall-offline/

NEW: Hackers breached WebDetective, a Portuguese-language stalkerware app that was used to monitor 76,000 Android phones in recent years.

The hackers claimed they deleted the data of people spied with the app from the company's servers.

“Which we definitely did. Because we could. Because #fuckstalkerware,” the hackers wrote in a note.

https://techcrunch.com/2023/08/26/brazil-webdetetive-spyware-deleted/