Security News Bites for the Week Ending May 26, 2023

Sometimes a Patch Goes Sideways

HP is working to figure out how to deal with a firmware update to a number of Office Jet printers that “bricked” the printers, meaning that these printers are only useful as a brick or paperweight. The will not boot and all the user gets is a blue screen with the code 83C0000B. HP says to contact customer support, but right now, apparently, there is no fix other than replacing the printer. One option may be to return the printer to HP for service, but that likely would cost HP more money than replacing them. HP has not said how many printers are affected and I can’t find any public announcement from HP even though this has been going on for a couple of weeks. Expect lawsuits. Credit: Bleeping Computer

Chinese Hackers behind Guam Breach Have Been Spying on the US Military for Years

Apparently the Chinese hackers behind the Guam power grid hack have been collecting intelligence from the US defense contractors. Secureworks calls the group Bronze Silhouette, Microsoft calls them Volt Typhoon. The Director of National Intelligence (DNI) said that China was almost certainly capable of disrupting critical infrastructure in the US. These folks are serious about compromising US companies. Credit: The Record

OAuth Flaw Exposes Social Media Logins to Account Takeover

A new OAuth-related vulnerability in an open-source application development framework could expose Facebook, Google, Apple and Twitter users to account takeover, personal data leakage, identity theft, financial fraud and unauthorized actions on other online platforms, security researchers said. The flaw is in the Expo framework, used by 650,000 developers at many major companies. Expo is a cloud hosted service, so most of the mitigation is done, but Expo does have recommendations to developers to fully mitigate the problem. Credit: Data Breach Today

Capita Issued Erroneous Breach Details

British outsourcing giant Capita keeps rolling out breach notifications. As many as 350 pension funds and multiple local governments are affected. This is the challenge when many companies outsource to the same, large, outsourcing provider . The first breach was detected on March 31st and they said that no data APPEARED to have been stolen. But after the hackers claimed credit, the company changed their story and said customer, supplier and employee data might have been stolen. The second breach was not a breach. They forgot to secure an Amazon AWS bucket with more than a half terabyte of data. It had been exposed since 2016. They said the bucket contained user guides and release notes. The British government does not believe them and has said so publicly. Moral to this story: Understand your data and get your story straight. Credit: Data Breach Today

Feds Use AI Tool to Analyze Social Media of Citizens and Refugees

Customs and Border Protection (CBP) is using an invasive, AI-powered monitoring tool to screen travelers, including U.S. citizens, refugees, and people seeking asylum, which can link their social media posts to their Social Security number and location data, according to an internal CBP document. The system, called Babel X, lets a user input some info like a phone number—and receive a bevy of data in return including their social media posts, linked IP address, employment history, and unique advertising identifiers associated with their mobile phone. This can apply to citizens, permanent residents, refugees and asylum seekers. Credit: Vice

by