CyberSecurity News

December 6th 2021

Two Spotify Patents are sparking serious surveillance concerns this includes “method for processing a provided audio signal that includes speech content and background noise”

https://www.musicbusinessworldwide.com/spotifys-latest-invention-will-determine-your-emotional-state-from-your-speech-and-suggest-music-based-on-it/

The US Military has been combating Ransomware attacks:

https://www.nytimes.com/2021/12/05/us/politics/us-military-ransomware-cyber-command.html

For the blue team guys out there: Security pre-advisories are a simple way to improve the patch management process:

https://portswigger.net/daily-swig/security-pre-advisories-a-simple-way-to-improve-the-patch-management-process

Panasonic has admitted a breach to it’s network. It doesn’t seem to have been client information:

https://news.panasonic.com/global/press/data/2021/11/en211126-4/en211126-4-1.pdf

A mysterious threat actor is running hundreds of malicious Tor relays:

https://therecord.media/a-mysterious-threat-actor-is-running-hundreds-of-malicious-tor-relays/

FBI document shows what data can be obtained from encrypted messaging apps:

https://therecord.media/fbi-document-shows-what-data-can-be-obtained-from-encrypted-messaging-apps/

Dataleak sites are becoming more important to Ransomware Operators:

https://www.govinfosecurity.com/ransomware-operations-double-down-on-data-leak-sites-a-18046

Global regulators are concerned over NVidia’s takeover of ARM. Led by the FTC who are suing to block the sale based on competition laws:

https://www.zdnet.com/article/ftc-files-lawsuit-to-block-nvidias-40-billion-takeover-of-arm/

New DDR5 RAM is here:

https://www.pcmag.com/news/what-is-ddr5-everything-you-need-to-know-about-the-latest-pc-memory-standard

This tool combines GeoIP location with Tracert:

https://github.com/zu1k/nali

The US Federal Trade Commission has amended it’s data protection policy , make tougher rules for financial institutions to protect customer information:

https://portswigger.net/daily-swig/ftc-implements-tougher-data-protection-rules-to-safeguard-customer-information

The UK’s Department of Transport was delivering porn, due to a subdomain takeover:

https://news.ycombinator.com/item?id=29343025

A former employee at a large wireless communication production company, stole gigabytes of confidential files and then tried to extort 2 Million dollars from the employer:

https://www.justice.gov/usao-sdny/pr/former-employee-technology-company-charged-stealing-confidential-data-and-extorting

Ransomware groups increasingly using data leak threats to pile pressure on victims:

https://portswigger.net/daily-swig/ransomware-groups-increasingly-using-data-leak-threats-to-pile-pressure-on-victims

A malicious attacker named Babam is making a lot of noise:

https://krebsonsecurity.com/2021/12/who-is-the-network-access-broker-babam/

Feel free to ping me @forshish