I'll be the first to admit that, like many people on the internet last week, I got caught up in the toothbrush distributed denial-of-service attack that wasn't.
There was about a 24-hour period where many news outlets reported on a reported DDoS attack that involved a botnet made up of thousands of internet-connected toothbrushes. It all started with one international newspaper report, which was then aggregated to death and spread quickly on social media.
This attack was only a hypothetical that a security researcher posed in an interview but was reported or translated as an attack that happened.
I'll admit, the aggregated stories seemed a little fishy to me at first, because none of the reports included any specifics about which company was targeted, how long the attack lasted, or the name of the device that was reportedly compromised.
That last part should be a red flag going forward for any of us wanting to share a meme about something the next time a cybersecurity story goes viral - in my opinion, responsible disclosure of an attack or compromise should always include information about whatever vulnerability it was that was exploited.
In this hypothetical scenario, I don't think an adversary would have been able to compromise an internet-connected toothbrush without first exploiting some sort of vulnerability, which, if it's being reported on in public, should at least include information on patches or mitigations.
The toothbrush botnet that wasn't does serve as a reminder to all of us to be a bit more mindful before clicking share or posting a story on social media.
Turla has been widely known to target entities across the world using a huge set of offensive tools in geographies including the U.S., European Union, Ukraine and Asia.
Chinese state-sponsored actor Volt Typhoon may have silently sat on U.S. critical infrastructure networks for more than five years, according to a new report from American intelligence agencies.
Authorities in Canada, Australia and New Zealand also contributed to last week's advisory, citing their concern for similar activity in their countries.
The FBI's director recently said in testimony to the U.S. Congress that authorities had dismantled a bot network of hundreds of compromised devices that was connected to Volt Typhoon.
A new spyware network called TheTruthSpy may have compromised hundreds of Android devices using silent tracking apps that users download thinking they're legitimate.
Security researchers uncovered the information of thousands of devices that have already been compromised, including their IMEI numbers and advertising IDs.
The spyware is downloaded via an app, which doesn't appear on the victim's home screen and operates quietly in the background.
The phony LassPass used a similar logo to that of the legitimate LastPass and was up on the App Store for an unknown amount of time.
Apple also said it was removing the creator of the app from its Developer Program.
This is a very rare case for the Apple App Store, as it has a strict review policy.
LastPass released a warning to all users last week of the fake app's existence, including a link to the legitimate LastPass app.
It's safe to assume that the app was likely set up as some sort of phishing scam meant to get users to enter their legitimate LastPass login information to be stolen by the fake app's creator.
Joe Marshall from Talos' Strategic Communications team will tell an incredible story of how a group of engineers and security professionals from a diverse coalition of organizations came together to solve this electronic warfare GPS problem in an unconventional technical way, and helped stabilize parts of the transmission grid of Ukraine.
This Cyber News was published on blog.talosintelligence.com. Publication date: Thu, 15 Feb 2024 19:13:16 +0000