Notices by Metacurity (metacurity@infosec.exchange)

Exclusive: DOGE staffer, 'Big Balls', provided tech support to cybercrime ring, records show
https://www.reuters.com/world/us/doge-staffer-big-balls-provided-tech-support-cybercrime-ring-records-show-2025-03-26/

The greatest thing of the day - when Microsoft needlessly demanded a PoC video for a vulnerability that analyst Will Dormann discovered and was well-documented, he submitted a 15-minute video that contained a clip from Zoolander, in which the protagonist unveils the "Center for Kids Who Can't Read Good," as well as a punchy techno backing track while wasting the reviewer's time with approximately 14 minutes of inactivity.
https://www.theregister.com/2025/03/17/microsoft_bug_report_troll/

Exclusive: Fired US government workers with top security clearances were not given exit briefings, sources say
https://www.reuters.com/world/us/fired-us-government-workers-with-top-security-clearances-were-not-given-exit-2025-03-04/

It's all over but the shouting my friends.

"Within the White House complex, the WiFi permissions — meant to bolster security by prompting users to log in frequently — were recently changed to allow guests to remain logged in for a year, up from seven days, because so many personal devices are newly in use."
https://www.washingtonpost.com/business/2025/02/25/elon-musk-doge-data-privacy-security/

https://www.wired.com/story/doge-hr-elon-musk-resignation-fork-road-leaked-staff-meeting/

“One employee expressed concerns that outside actors could send resignation emails on staffers’ behalf by spoofing their email addresses.”

Musk has locked OPM workers out of their computer systems.

Exclusive: Musk aides lock government workers out of computer systems at US agency, sources say
https://www.reuters.com/world/us/musk-aides-lock-government-workers-out-computer-systems-us-agency-sources-say-2025-01-31/

"Norway is sounding the alarm after discovering that Russia is no longer only disrupting the Global Navigation Satellite Systems (GNSS) across the border, but also spoofing GPS signals, an attack that can cause significant disruption to commercial aviation."

"We were spoofed on approaching Kirkenes today”
https://www.thebarentsobserver.com/news/we-were-spoofed-on-approaching-kirkenes-today/423323

Violent Hackers Are Using U-Haul To Dox Targets
https://www.404media.co/violent-hackers-are-using-u-haul-to-dox-targets/

Even though the HOPE (Hackers on Planet Earth) conference is usually slated for every other year, given the success of the 2024 conference, HOPE will take place again next year.

I just got an email saying HOPE_16 will occur August 15-17, 2025, at St. John's University in Queens, New York City.

I'm definitely going this time.

This is kind of upsetting. Wikipedia has $400 million in cash reserves and the foundation which runs Wikipedia has 550 employees with top managers making high salaries but doesn't pay it maintainers a penny.

I'm so disillusioned.

The next time Wikipedia asks for a donation, ignore it
https://unherd.com/newsroom/the-next-time-wikipedia-asks-for-a-donation-ignore-it/

@philbetts I'd love to hear from @molly0xfff on this.

https://www.golocalprov.com/news/ri-massive-hack-hundreds-of-thousands-ss-banking-information-names-dob

Right before Christmas, RI is forced to close its SNAP food and Medicaid systems due to what sounds like a ransomware attack.

“At an unprecedented Friday night press conference held by Governor Dan McKee, he claimed that the State of Rhode Island was first notified on December 5 of a potential major massive cyberattack.

McKee disclosed late on Friday that the state’s system to support everything from SNAP benefits to Medicaid to HealthsourceRI are all now closed.”

https://www.timesofisrael.com/liveblog_entry/syrian-sources-say-assad-may-have-been-killed-in-plane-crash-during-escape/
Reuters hasn’t confirmed it but reports are that Assad was killed in a plane crash.

Not a good month for telecoms!

Scattered Spider Teen Hacked Telecoms to Spam Victims, US Says
https://www.bloomberg.com/news/articles/2024-12-04/scattered-spider-teen-hacked-telecoms-to-spam-victims-us-says

Don't miss today's Metacurity for the most important infosec developments you should know, including

--UK cybersecurity chief warns of rise in hostile cyber activity
--Russia sentences Hydra Market leader to life in prison,
--Former Polish security chief forced into Pegasus spyware hearing,
--CFPB publishes proposed data brokers rule,
--SEC settles ICBC ransomware records case,
--FDD argues for Chinese-made lidar sensor ban,
--Hack forces DMM Bitcoin shutdown,
--much more
https://www.metacurity.com/uk-cybersecurity-chief-warns-of-rise-in-hostile-cyber-activity/

@mbmy @GossiTheDog I can see how the writer interpreted the small MSP space "really doesn't matter" as "won't be missed."

But I will delete my toot that quoted the article directly to not create any confusion.

@patrickcmiller I don't believe I've ever seen an errata from NIST before.

@patrickcmiller @msbrumfield Thanks Patrick!

I think Grammarly has jumped the AI shark.

CrowdStrike has yet to face a lawsuit over July's global IT meltdown
https://www.theregister.com/2024/09/09/crowdstrike_legal_threats/