19 Jun 2020
By Mary

InfoSec News Nuggets 6/19/2020

Amazon owes answers on facial recognition moratorium, lawmaker says Amazon's move to stop providing facial recognition to law enforcement until June 2021 has left more questions than answers. The company's announcement, limited to 102 words in a blog post, left out a lot of details on what the moratorium actually means, and a House representative is demanding answers from Amazon founder Jeff Bezos. In a letter sent to Bezos and Amazon on Wednesday, Rep. Jimmy Gomez, is asking the…
Read More
18 Jun 2020
By Mary

InfoSec News Nuggets 6/18/2020

SPACEX INTERNET SERVICE STARLINK ASKS FOR PEOPLE TO TRY IT OUT SpaceX has announced that it is looking for beta testers for its Starlink low-earth orbit internet service. The company, owned by Tesla CEO Elon Musk, was launched in 2015, with the first prototype satellites launched in 2018. Since then, the company has launched a host of new satellites from Nasa's Kennedy Space Center in Florida. There are currently 540 Starlink satellites in orbit. Eventually, they will form part…
Read More
17 Jun 2020
By Mary

InfoSec News Nuggets 6/17/2020

GitHub to replace "master" with alternative term to avoid slavery references GitHub is working on replacing the term "master" on its service with a neutral term like "main" to avoid any unnecessary references to slavery, its CEO said on Friday. The code-hosting portal is just the latest in a long line of tech companies and open source projects that have expressed support for removing terms that may be offensive to developers in the black community.…
Read More
16 Jun 2020
By Mary

InfoSec News Nuggets 6/16/2020

Amazon CEO Jeff Bezos agrees to testify before antitrust hearing Amazon and a handful of other major tech companies are facing increased pressure from a series of investigations from the US House and Senate, the Justice Department and Federal Trade Commission into their potential monopolistic practices. For Amazon, the investigations have often focused on Amazon's use of private label items to compete against much smaller retailers on its platform. Calls for Bezos to testify before…
Read More
15 Jun 2020
By Mary

InfoSec News Nuggets 6/15/2020

Microsoft Joins Ban on Sale of Facial Recognition Tech to Police Microsoft is joining Amazon and IBM when it comes to halting the sale of facial recognition technology to police departments. In a statement released Thursday by Microsoft President Brad Smith, he said the ban would stick until federal laws regulating the technology’s use were put in place. “We will not sell facial recognition tech to police in the U.S. until there is a national…
Read More
12 Jun 2020
By Mary

InfoSec News Nuggets 6/12/2020

Interpol arrests flamboyant Nigerian socialite, Ray Hushpuppi for alleged $35 million COVID-19 Internet scam Eyewitnesses in Dubai said Hushpuppi and his friend where ‘allegedly surrounded by the International police and FBI on the grounds of being fraud suspects’. Hushpuppi who said he will not come back to Nigeria has been accused of being an Internet fraudster because of his flamboyant and expensive lifestyles without a convincing business and source of his lavish lifestyle. According to…
Read More
11 Jun 2020
By Mary

InfoSec News Nuggets 6/11/2020

Twitter starts aggressively fact-checking tweets linking 5G to COVID-19 Twitter is now fact-checking tweets that link 5G and the COVID-19 pandemic by adding a label that promises to get users “the facts about COVID-19,” Business Insider reports. Clicking the label takes you to a Twitter page titled “No, 5G isn’t causing coronavirus” that includes links to news reports, fact-checking organizations, and government agencies debunking the conspiracy theory. Twitter confirmed the move in a statement given to Business Insider.…
Read More
10 Jun 2020
By Mary

InfoSec News Nuggets 6/10/2020

Apple adds anonymous symptom and health info sharing to its COVID-19 app and website Apple has updated its own COVID-19 iOS app and website with new features to allow users to anonymously share info including their age, existing health conditions, symptoms, potential exposure risks and the state in which they’re located. This info, which is not associated with any of their personal identifying data in any way according to the company, will be used in an aggregated way to…
Read More
09 Jun 2020
By Mary

InfoSec News Nuggets 6/9/2020

Japan's video gaming grandma, 90, plays her way into record books Every day 90-year-old Japanese grandma Hamako Mori flexes her fingers to keep them nimble. Not for knitting or needlepoint, but to stay in shape for playing video games. The pensioner known as “Gamer Grandma” spends three or more hours a day battling monsters and going on missions in the virtual worlds of her favourite games, and even has a popular YouTube channel for her…
Read More
08 Jun 2020
By Mary

InfoSec News Nuggets 6/8/2020

City of Austin websites go down, hackers take credit in protest The City of Austin’s websites went offline early Thursday morning, and a group of hackers took credit, claiming it was a protest against the Austin Police Department. The hackers known as Anonymous said they were the ones who took the city’s website, austintexas.gov, offline. This morning it appeared to just impact the user-facing web pages. The outages were intermittent throughout the morning, specifically for austintexas.gov. “We’re seeing…
Read More
05 Jun 2020
By Mary

InfoSec News Nuggets 6/5/2020

Denial of service attacks against advocacy groups skyrocket In figures published Tuesday, the internet security firm Cloudflare said it blocked more than 135 billion malicious web requests against advocacy sites, compared to less than 30 million blocked requests against U.S. government websites, such as police and military organizations. The company did not disclose which websites were affected, specifically. “As we’ve often seen in the past, real world protest and violence is usually accompanied by attacks on the…
Read More
04 Jun 2020
By Mary

InfoSec News Nuggets 6/4/2020

Ransomware gang says it breached one of NASA's IT contractors The operators of the DopplePaymer ransomware have congratulated SpaceX and NASA for their first human-operated rocket launch and then immediately announced that they infected the network of one of NASA's IT contractors. In a blog post published today, the DopplePaymer ransomware gang said it successfully breached the network of Digital Management Inc. (DMI), a Maryland-based company that provides managed IT and cyber-security services on demand. According to…
Read More
03 Jun 2020
By Mary

InfoSec News Nuggets 6/3/2020

Trump's social media executive order faces lawsuit The nonprofit Center for Democracy and Technology is taking aim at US President Donald Trump's social media executive order. The CDT filed a lawsuit against the president on Tuesday, alleging that the order violates the First Amendment and the right to free speech. "The order is plainly retaliatory: it attacks a private company, Twitter, for exercising its First Amendment right to comment on the President's statements," the lawsuit says. "More fundamentally, the…
Read More
02 Jun 2020
By Mary

InfoSec News Nuggets 6/2/2020

5G myths debunked: No, 5G doesn't cause COVID-19 and won't replace 4G either The next generation of high-speed mobile data, known as 5G, is live in many countries including the US, the UK and Australia. But as the new network rolls out, many misconceptions and confusion around the technology remain. Most recently, conspiracy theorists have tried linking 5G with the COVID-19 pandemic. This has resulted in people burning cell towers and many social media platforms, including Twitter, YouTube and Facebook, scrambling to curb the spread of…
Read More
01 Jun 2020
By Mary

InfoSec News Nuggets 6/1/2020

Meet the Victims of Online Scams Imagine a lonely person who’s looking for romantic companionship, so they turn to the internet. Picture someone who’s terribly anxious for news about an online payment that will ease their paycheck-to-paycheck existence. Or perhaps you’ve known an individual with such limited technical skills and financial resources, they’re always browsing for the cheapest IT provider possible. The victims of online scams each possess unique characteristics. And in the eyes of bad…
Read More
29 May 2020
By Mary

InfoSec News Nuggets 5/29/2020

How to Unlock Hidden Browser Games in Edge, Firefox and Chrome Your web browser is full of secrets. I typically spend my time poring over new features I can unlock via pages like chrome://flags and about:config, but it’s also nice to take a little break and play the hidden games that come packed into the most popular browsers. Yes, your desktop browser is filled with hidden games. Don’t crack your knuckles and expect to hunker down for a Civilization VI-like session—they’re not that great.…
Read More
28 May 2020
By Mary

InfoSec News Nuggets 5/28/2020

COVID-19: WEF says cybersecurity measures no longer theoretical 'nice-to-haves' for businesses With COVID-19 pandemic having forced individuals, organizations and the global economy to become more reliant on the internet and digital ways of doing business, an urgent action plan is required to deal with possible cyber attacks and data frauds, a WEF study said on Tuesday. 'COVID-19 is confronting every organization with limits of its ability to learn and change in an environment where speed…
Read More
27 May 2020
By Mary

InfoSec News Nuggets 5/27/2020

Roughly half the Twitter accounts pushing to 'reopen America' are bots, researchers found There's been a surge in bot activity in the past month in online discussions about reopening America from COVID-19 shutdowns, researchers at Carnegie Mellon University said this week. The researchers analyzed over 200 million tweets discussing COVID-19 and found that roughly half the accounts were likely bots. They identified the bots by looking for accounts that tweeted more frequently than humanly possible…
Read More
26 May 2020
By Mary

InfoSec News Nuggets 5/26/2020

Home Chef announces data breach after hacker sells 8M user records Home Chef, a US-based meal kit and food delivery service, announced a data breach today after a hacker sold 8 million user records on a dark web marketplace. Last week, BleepingComputer reported that a hacking group actor named Shiny Hunters was selling the user records for eleven companies on a dark web marketplace. The threat actor was selling these databases for $500 to $2,500. The user records for…
Read More
22 May 2020
By Mary

InfoSec News Nuggets 5/22/2020

COVID-19 contact tracing text message scams There’s no question, contact tracing plays a vital role in helping to stop the spread of COVID-19. But scammers, pretending to be contact tracers and taking advantage of how the process works, are also sending text messages. But theirs are spam text messages that ask you to click a link. Check out the image below. Unlike a legitimate text message from a health department, which only wants to let…
Read More
21 May 2020
By Mary

InfoSec News Nuggets 5/21/2020

REvil Ransomware found buyer for Trump data, now targeting Madonna The REvil ransomware group claims to have buyers ready for documents containing damaging information about US‌ President Donald Trump and is preparing to auction data on international celebrity Madonna. The hackers breached the network of Grubman Shire Meiselas & Sacks (GSMLaw), a law firm representing a huge number of A-list celebrities, stealing everything they considered of value before encrypting the data. After unfruitful negotiations with…
Read More
20 May 2020
By Mary

InfoSec News Nuggets 5/20/2020

Apple details its plan to safely reopen retail stores Apple’s head of retail Deidre O’Brien has posted a letter on the company’s website detailing how it plans to safely restart operations at its retail stores. Apple shut all of its stores outside Greater China in March as COVID-19 spread worldwide; all the Greater China stores reopened that same month, while Apple is still in the process of taking careful steps elsewhere. “Our commitment is to only move…
Read More
19 May 2020
By Mary

InfoSec News Nuggets 5/19/2020

Crooks are using realistic-looking webpage templates to trick you into handing over personal data Cyber criminals are still attempting to exploit the coronavirus pandemic for their own gain and they're being helped by website templates that allow them to mimic government agencies and companies. Researchers at cybersecurity company Proofpoint have identified over 300 phishing campaigns designed to steal personal information and bank details from victims – and many are using sites that are indistinguishable from the real thing, complete…
Read More
18 May 2020
By Mary

InfoSec News Nuggets 5/18/2020

Hackers Say They Have Trump's 'Dirty Laundry' and Want $42 Million to Keep It Secret The anonymous hackers this week crippled the computer systems of high-profile celebrity law firm Grubman Shire Meiselas & Sacks claiming to have stolen 756GB of highly-confidential documents including contracts and personal emails from the firm’s client list, which includes Madonna, Drake, Lady Gaga, Elton John, Robert De Niro, U2 and Bruce Springsteen. The hackers initially demanded $21 million from the law firm…
Read More
15 May 2020
By Mary

InfoSec News Nuggets 5/15/2020

Chrome will soon block resource-draining ads. Here’s how to turn it on now Chrome browser users take heart: Google developers are rolling out a feature that neuters abusive ads that covertly leach your CPU resources, bandwidth, and electricity. The move comes in response to a swarm of sites and ads first noticed in 2017 that surreptitiously use visitors’ computers to mine bitcoin and other cryptocurrencies. As the sites or ads display content, embedded code performs the resource-intensive…
Read More
14 May 2020
By Mary

InfoSec News Nuggets 5/14/2020

Zoom etiquette: You've probably broken at least one of these video chat rules With coronavirus lockdowns and quarantines still in place in most states, many of us are using video chat as the main way to keep in touch with coworkers, family and friends. Whether you're using Zoom, Skype, FaceTime, Google Meet or Hangouts, Microsoft Teams or one of the other video chat services available, you've probably encountered some distracting video chat behaviors from colleagues and friends, taking your calls off the rails.  Here are six ways…
Read More
13 May 2020
By Mary

InfoSec News Nuggets 5/13/2020

Scrabble fans slam 'sparkly abomination' new app Scrabble Go, a new game which will replace the existing official Scrabble mobile app made by Electronic Arts (EA) has sparked hundreds of complaints. Its vivid colours, treasure-style rewards and in-app purchase model has angered long-time players. The EA game will be discontinued on 5 June because the official franchise is now owned by games firm Scopely. Scrabble Go was launched on 5 March and had been downloaded…
Read More
12 May 2020
By Mary

InfoSec News Nuggets 5/12/2020

Google expects its staff to work from home until 2021 and it's not alone According to a Bloomberg report, Sundar Pichai, Google's CEO, told Google employees on Thursday to be ready to work remotely through October and possibly to the end of the year. Actually, a Google spokeswoman said most Google workers are expected to work from home until 2021. So, life's going back to normal? Not at this tech giant.  It's not just Google. Facebook has also told…
Read More
11 May 2020
By Mary

InfoSec News Nuggets 5/11/2020

South Dakota's Official Coronavirus App Shows Limits of Contact Tracing Tech One of the first official contact tracing apps from U.S. state Departments of Health doesn't reliably record location data, which it is supposed to do in order to help state governments monitor coronavirus infections and warn other residents if they may have been exposed to the virus. This is not to say that app is not working as intended, but the news shows the…
Read More
08 May 2020
By Mary

InfoSec News Nuggets 5/8/2020

‘Dramatic Rise’ in Scam Websites Mimicking Online Streaming Services The meteoric rise in new signups to streaming services such as Netflix and Disney+ in recent weeks has given opportunistic scammers the chance to take advantage of the situation. This is evidenced by new research by the cybersecurity firm Mimecast, which revealed that some 700 scam websites have popped up on the internet between April 6 and 13, designed with the sole purpose of stealing personal…
Read More
07 May 2020
By Mary

InfoSec News Nuggets 5/7/2020

DigiCert hit as hackers wriggle through (patched) holes in buggy config tool DigiCert, slinger of SSL/TLS certificates, has warned that it too has suffered at the hands of Salty miscreants as a key used for Signed Certificate Timestamps (SCT) was potentially compromised. The company joins Ghost.org and LineageOS in being the target of ne'er do wells as attackers exploited a disclosed (and patched) vulnerability in the Salt configuration tool over the weekend, spraying exposed infrastructure with cryptocurrency mining software.…
Read More
06 May 2020
By Mary

InfoSec News Nuggets 5/6/2020

The New United Nations Coronavirus Social Distancing App Doesn’t Even Work This week a division of the United Nations announced its new social distancing app designed to help alert people when they get too close to another person during the ongoing coronavirus pandemic. Motherboard has found that the app, called 1point5, is barely functional, and an independent researcher highlighted how the app may be largely ineffective due to how it informs users when they are…
Read More
05 May 2020
By Mary

InfoSec News Nuggets 5/5/2020

New Firefox service will generate unique email aliases to enter in online forms Browser maker Mozilla is working on a new service called Private Relay that generates unique aliases to hide a user's email address from advertisers and spam operators when filling in online forms. The service entered testing last month and is currently in a closed beta, with a public beta currently scheduled for later this year, ZDNet has learned. Private Relay will be available as a…
Read More
04 May 2020
By Mary

InfoSec News Nuggets 5/4/2020

Schiff to Google and Twitter: Please be more like Facebook when it comes to coronavirus misinformation Rep. Adam Schiff, D-Calif., has a message for the CEOs of Google, YouTube and Twitter when it comes to coronavirus misinformation: please be more like Facebook. It’s an unusual request from a D.C. lawmaker after Congress has spent the past few years scolding Facebook for its policies on misinformation. The company has struggled to escape the shadow of the 2018 Cambridge Analytica scandal and its role in spreading disinformation…
Read More
01 May 2020
By Mary

InfoSec News Nuggets 5/1/2020

Michigan Man Charged With COVID-19-Related Wire Fraud Scheme The United States Attorney’s Office for the Northern District of California unsealed charges today in a criminal complaint charging Rodney L. Stevenson II with wire fraud for his operation of an e-commerce website that allegedly scammed customers into paying for N95 masks that they never received. “Hospitals, healthcare providers and everyday people are understandably anxious to obtain N95 masks, N99 filters and other PPE,” said U.S. Attorney Anderson. …
Read More
30 Apr 2020
By Mary

InfoSec News Nuggets 4/30/2020

Comcast waives data cap until at least June 30 in response to pandemic After promising 60 days without data caps and overage fees for all customers, Comcast has decided to extend the data-cap waiver until at least June 30. Comcast announced the data-cap waiver on March 13, saying the waiver would last until May 13 to help customers deal with the pandemic. Today, Comcast said it will extend the data-cap waiver and other pandemic-related changes "through June 30 to…
Read More
29 Apr 2020
By Mary

InfoSec News Nuggets 4/29/2020

Online auction of record-breaking whisky collection hit by cyber-attack A record-breaking online auction of rare whiskies has been postponed indefinitely after being targeted in a cyber-attack. The sale of Richard Gooding’s “The Perfect Collection” was marketed as “the largest and most unprecedented private whisky collection ever to be offered for public sale”. The first phase of the auction, consisting of more than 1,900 bottles, fetched more than £3.2m earlier this year. The second phase of…
Read More
28 Apr 2020
By Mary

InfoSec News Nuggets 4/28/2020

Microsoft Word now flags double spaces as errors, ending the great space debate Microsoft has settled the great space debate, and sided with everyone who believes one space after a period is correct, not two. The software giant has started to update Microsoft Word to highlight two spaces after a period (a full stop for you Brits) as an error, and to offer a correction to one space. Microsoft recently started testing this change with…
Read More
27 Apr 2020
By Mary

InfoSec News Nuggets 4/27/2020

The pandemic is bringing us closer to our robot takeout future Robot deliveries remain rare enough that it's easy to dismiss them as curiosities. But that's a mistake. The technology works now. Starship already has hundreds of robots in service delivering food to real customers. Spurred by demand from locked-down customers, that number could soon soar to the thousands and eventually into the millions. With lower costs and no need to tip, robots could make…
Read More
24 Apr 2020
By Mary

InfoSec News Nuggets 4/24/2020

Zoom will soon let you report meeting participants to help bust Zoombombers Zoom is adding a way for hosts to report meeting participants, according to the app’s release notes published on April 19th (via PC Mag). In theory, that could help the company track down trolls that take over Zoom calls and share inappropriate material, a practice more colloquially known as “Zoombombing.” Zoom says the reporting feature will be available in an update that’s scheduled to release on Sunday, April…
Read More
23 Apr 2020
By Mary

InfoSec News Nuggets 4/23/2020

ITU-WHO Joint Statement: Unleashing information technology to defeat COVID-19 The World Health Organization, the International Telecommunication Union (ITU) with support from UNICEF are set to work with telecommunication companies to text people directly on their mobile phones with vital health messaging to help protect them from COVID-19. These text messages will reach billions of people that aren’t able to connect to the internet for information. Now more than ever, technology must ensure that everyone can…
Read More
22 Apr 2020
By Mary

InfoSec News Nuggets 4/22/2020

CFAA latest: Supremes to tackle old chestnut of what 'authorized use' of a computer really means in America If someone is authorized to use a computer – to access a database, for example – is that a blanket authorization, and can they use it so long as they continue to use their existing login? Or does it depend on the circumstances? Can someone’s authorization be dependent on the application's terms of service? The question may…
Read More
21 Apr 2020
By Mary

InfoSec News Nuggets 4/21/2020

IT services giant Cognizant suffers Maze Ransomware cyber attack Information technologies services giant Cognizant suffered a cyber attack Friday night allegedly by the operators of the Maze Ransomware, BleepingComputer has learned. Cognizant is one of the largest IT managed services company in the world with close to 300,000 employees and over $15 billion in revenue. As part of its operations, Cognizant remotely manages its clients through end-point clients, or agents, that are installed on customer's workstations…
Read More
20 Apr 2020
By Mary

InfoSec News Nuggets 4/20/2020

For seniors on COVID-19 lockdown, Alexa proves to be a valuable friend At the Eskaton assisted living communities across Northern California, residents and staff are doing their best to create a shared sense of hope and solidarity through the COVID-19 pandemic.  To keep residents safe, communal rooms are closed for activities, but hallway happy hours have become a common occurrence. Residents must eat their meals in their own apartments, but the staff has treated them with…
Read More
17 Apr 2020
By Mary

InfoSec News Nuggets 4/17/2020

Cyber attacks on banks seen spiking, says Carbon Black In what has been referred to as an “unprecedented anomaly”, cyber criminals are increasingly targeting the financial services sector during the Covid-19 coronavirus pandemic, with attacks on banks and other financial institutions spiking by 38% between February and March to account for 52% of all attacks observed by VMware’s Carbon Black Cloud. The sudden shift observed by Carbon Black threat researchers Patrick Upatham and Jim Treinen was also reflected…
Read More
16 Apr 2020
By Mary

InfoSec News Nuggets 4/16/2020

MIT’s AI-powered device lets doctors monitor coronavirus patients remotely A new device that uses AI to monitor coronavirus symptoms is helping doctors treat patients beyond the reach of infection. The box-like device emits wireless signals that bounce off human bodies before returning to the system. Algorithms then analyze changes in the signals to infer the person’s breathing rate, sleep patterns, and movements. The system, named Emerald, was developed at MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL).…
Read More
15 Apr 2020
By Mary

InfoSec News Nuggets 4/15/2020

Amazon stops accepting new online grocery customers amid surging demand Amazon will begin to put new grocery delivery customers on a wait-list and curtail shopping hours at some Whole Foods stores to prioritize orders from existing customers buying food online during the coronavirus outbreak, the company said on Sunday. Many shoppers recently seeking to purchase groceries from the Seattle-based ​e-commerce company found they could not place orders due to a lack of available delivery slots. Amazon…
Read More
14 Apr 2020
By Mary

InfoSec News Nuggets 4/14/2020

Apps collecting data to help stop the virus spread must limit sharing of information, cybersecurity expert says Apple and Google’s joint initiative to build a platform that helps contain the spread of the coronavirus looks promising, but steps have to be taken to prevent it from invading the privacy of users for the long term, an academic with expertise on science and tech policy told CNBC. The tech giants announced Friday they were working together to provide tools that help…
Read More
13 Apr 2020
By Mary

InfoSec News Nuggets 4/13/2020

Facebook proposes 3D navigation task for training autonomous robots Researchers at Facebook, the Georgia Institute of Technology, and Oregon State University describe in a preprint paper published this week a new task for AI — navigating a 3D environment by listening to natural language directions (e.g., “Go down the hall and turn left at the wooden desk”). They say this could lay the groundwork for robot assistants that follow natural language instructions. The researchers’ task, which they…
Read More
10 Apr 2020
By Mary

InfoSec News Nuggets 4/10/2020

MIT develops privacy-preserving COVID-19 contact tracing inspired by Apple’s ‘Find My’ feature One of the efforts that’s been proposed to contain the spread of COVID-19 is a contact trace and track program, that would allow health officials to keep better tabs on individuals who have been infected, and alert them to potential spread. Contract tracing has already seemingly proven effective in some parts of the world that have managed to curb the coronavirus spread, but…
Read More