Chegg Receives "F" for Cybersecurity Policies, China-Backed APT10 Utilizing Fileless Backdoors, Dropbox GitHub Source Code Repos Breached

Friday, November 4th, 2022

Welcome Back to Hacker Hub!

This week’s post is just a culmination of 3 interesting articles that I found on the inter-webs.

Make your week just as awesome as you are! Until the next article, enjoy!

P.S. Stay cyber healthy too!

Cheers,
- William


FTC Gives Chegg an 'F' for Careless Cybersecurity Impacting 40M Students

The Chegg educational technology company has been ordered by the Federal Trade Commission to get its cybersecurity in order after four separate data breaches exposed the sensitive data of about 40 million customers and employees. 

The FTC accuses the company of failing to adhere to basic security measures like two-factor authentication, while also insecurely storing personal data in the cloud, failing to implement a security policy, and skipping employee training altogether. 

Chegg Article

China-Backed APT10 Supercharges Spy Game With Custom Fileless Backdoor


Chinese-speaking threat actor APT10 has been using a sophisticated and sometimes fileless backdoor to target media, diplomatic, governmental, public sector, and think-tank targets since at least March, researchers have found.

Researchers at Kaspersky have been tracking the LodeInfo malware family since 2019, they said in one of two blog posts published Monday that lay out a two-part investigation on the emerging threat. The group is bent on espionage, primarily against Japanese targets to date.

However, as threat actors are constantly updating and modifying LodeInfo — particularly with anti-detection features and varying infection vectors — it's been difficult to stay on top of its use and deployment, the researchers said.

"LodeInfo and its infection methods have been constantly updated and improved to become a more sophisticated cyber-espionage tool while targeting organizations in Japan," the researchers wrote in one of their posts. "The LodeInfo implants and loader modules were also continuously updated to evade security products and complicate manual analysis by security researchers."

JPCERT/CC first named LodeInfo in a blog post in February 2020, when it was the payload in a spear-phishing campaign targeting Japan, according to Kaspersky. The following year, Kaspersky researchers also shared new findings during the HITCON 2021 conference that covered LodeInfo activities from 2019 to 2020. At the time they attributed the malware to APT10 — also known as the "Cicada" group — with "high confidence," the researchers said.

China Backed APT10 Article

Hackers Unauthorizedly Accessed 130 GitHub Source Code Repositories


File hosting service Dropbox on Tuesday disclosed that it was the victim of a phishing campaign that allowed unidentified threat actors to gain unauthorized access to 130 of its source code repositories on GitHub.

"These repositories included our own copies of third-party libraries slightly modified for use by Dropbox, internal prototypes, and some tools and configuration files used by the security team," the company revealed in an advisory.

The breach resulted in the access of some API keys used by Dropbox developers as well as "a few thousand names and email addresses belonging to Dropbox employees, current and past customers, sales leads, and vendors."

It, however, stressed that the repositories did not contain source code related to its core apps or infrastructure.

Dropbox Breach Article

Hacker Hub
Authors
William Parks