AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 01/04/2021

Apply brakes to Apple Car expectations, analyst says

The idea of an Apple Car landing in showrooms hit the headlines again last week when a Reuters report suggested the tech giant is aiming to have an electric vehicle (EV) with autonomous capabilities ready for market in 2024. But a new research note from respected Apple analyst Ming-Chi Kuo suggests the car’s precise design specifications have yet to be decided, adding that any such vehicle may not arrive until 2028 or even later. While acknowledging an earlier note in which he claimed the Apple Car could launch between 2023 and 2025, the TF International Securities analyst said that more recent research “indicates that the current development schedule of Apple Car is not clear, and if development starts this year and everything goes well, it will be launched in 2025–2027 at the earliest.”


Microsoft alerts CrowdStrike of hackers’ attempted break-in

During the course of investigating the SolarWinds breach, CrowdStrike says Microsoft uncovered an attempt from unidentified hackers to read emails linked with the company. The hackers failed in their attempt to breach CrowdStrike, Chief Technology Officer Michael Sentonas said in a blog post Wednesday. Microsoft researchers first found the attempt, Sentonas said. Microsoft told CrowdStrike that “several months ago,” the Microsoft Azure account of a Microsoft reseller was making “abnormal calls” to Microsoft cloud application programming interfaces (APIs). The account managed Microsoft Office licenses for CrowdStrike. The attackers tried to access emails, but, “as part of our secure IT architecture, CrowdStrike does not use Office 365 email,” Sentonas said.


FBI: Pranksters are hijacking smart devices to live-stream swatting incidents

The US Federal Bureau of Investigation says pranksters are hijacking weakly-secured smart devices in order to live-stream swatting incidents. “Recently, offenders have been using victims’ smart devices, including video and audio capable home surveillance devices, to carry out swatting attacks,” the FBI said in a public service announcement published today. Officials say pranksters are taking over devices on which owners created accounts but reused credentials that previously leaked online during data breaches at other companies. Pranksters then place calls to law enforcement and report a fake crime at the victims’ residence. “As law enforcement responds to the residence, the offender watches the live stream footage and engages with the responding police through the camera and speakers,” the FBI said.


T-Mobile data breach exposed phone numbers, call records

T-Mobile has announced a data breach exposing customers’ proprietary network information (CPNI), including phone numbers and call records. Starting yesterday, T-Mobile began texting customers that a “security incident” exposed their account’s information. According to T-Mobile, its security team recently discovered “malicious, unauthorized access” to their systems. After bringing in a cybersecurity firm to perform an investigation, T-Mobile found that threat actors gained access to the telecommunications information generated by customers, known as CPNI. The information exposed in this breach includes phone numbers, call records, and the number of lines on an account. In a statement to BleepingComputer, T-Mobile stated that this breach affected a “small number of customers (less than 0.2%).” T-Mobile has approximately 100 million customers, which equates to around 200,000 people affected by this breach.


Ticketmaster To Pay $10 million After Illegally Hacking Rival’s Computer System

Ticketmaster and its parent company, Live Nation, have agreed to pay out $10 million to a competitor after admitting to hiring a former employee to hack into the rival company’s computer network. According to a statement issued by the Justice Department on Wednesday, the five criminal counts facing Ticketmaster stemmed from a plot to infiltrate the computer system of ticket-seller rival CrowdSurge in a self-described attempt to “cut [the company] off at the knees.” “Ticketmaster employees repeatedly — and illegally — accessed a competitor’s computers without authorization using stolen passwords to unlawfully collect business intelligence,” acting US attorney Seth DuCharme said in the statement. “Further, Ticketmaster’s employees brazenly held a division-wide ‘summit’ at which the stolen passwords were used to access the victim company’s computers.”


SolarWinds hackers accessed Microsoft source code, the company says

The hacking group behind the SolarWinds compromise was able to break into Microsoft Corp and access some of its source code, Microsoft said on Thursday, something experts said sent a worrying signal about the spies’ ambition. Source code – the underlying set of instructions that run a piece of software or operating system – is typically among a technology company’s most closely guarded secrets, and Microsoft has historically been particularly careful about protecting it. It is not clear how much or what parts of Microsoft’s source code repositories the hackers were able to access, but the disclosure suggests that the hackers who used software company SolarWinds as a springboard to break into sensitive U.S. government networks also had an interest in discovering the inner workings of Microsoft products.
