AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 01/14/2021

The billionaires’ brawl over satellite broadband

Elon Musk is under siege by fellow billionaires at Amazon and Dish as he tries to get his fledgling space-based broadband service off the ground, with clashes involving airwave overload and the threat of satellite collisions. Musk’s Starlink service could extend broadband to unconnected customers in hard-to-reach rural areas. But competitors are pressing the Federal Communication Commission to stymie Musk’s plans. The Federal Communications Commission voted Tuesday evening to explore letting companies deliver 5G wireless services over the same airwaves SpaceX is using for its satellite broadband program. Even space only has room for so many services. SpaceX is locked in parallel feuds with Dish and Jeff Bezos-run Amazon over how best to divvy up both airwaves and physical space in orbit.

 

SolarLeaks site claims to sell data stolen in SolarWinds attacks

A website named ‘SolarLeaks’ is selling data they claim was stolen from companies confirmed to have been breached in the SolarWinds attack.

Last month, it was disclosed that network management company SolarWinds suffered a sophisticated cyberattack that led to a supply chain attack affecting 18,000 customers. According to a joint statement issued by the FBI, CISA, and the NSA, this attack was “likely” conducted by a Russian state-sponsored hacking group who wanted to steal cloud data such as email and files from its victims. Today, a solarleaks[.]net website was launched that claims to be selling the stolen data from Microsoft, Cisco, FireEye, and SolarWinds. All of these companies are known to have been breached during the supply chain attack. The website claims to be selling Microsoft source code and repositories for $600,000. Microsoft confirmed that threat actors accessed their source code during their SolarWinds breach.

 

SolarWinds Says It Has Found Source of Massive Cyberattack

Security software provider SolarWinds  (SWI) – Get Report revealed Tuesday that it has found the source of a highly sophisticated malicious code injection that it believes was used by the perpetrators of the recent cyberattack on the company and its clients, including federal government agencies. In a regulatory filing, SolarWinds said that it was able to reverse engineer the code, allowing it to learn more about the tool that was developed and deployed into the build environment. The company said it wasn’t able to independently verify the identity of the perpetrators. “Analysis suggests that by managing the intrusion through multiple servers based in the United States and mimicking legitimate network traffic, the attackers were able to circumvent threat detection techniques employed by both SolarWinds, other private companies and the federal government,” the company said in the 8K filing submitted to the Securities and Exchange Commission. 

 

TikTok is making young teens’ accounts more private by default

When a young teenager signs up for TikTok, their account will now be more private by default. TikTok said today that it’s updating the default settings for users aged 13 to 15, limiting who can see and comment on their videos. Only users who they add as friends will be able to view their videos, and their account won’t be suggested to other users. TikTok will also completely disable the option to let anyone comment on these users’ videos, even if they make their account public. Users between 13 and 15 will only be able to allow their friends to comment on their videos, or they can turn off comments altogether. The app’s Duet and Stitch features, which allow users to repost and respond to another person’s video, will be disabled for videos posed by users under 16. The ability to download videos of users under that age is also being disabled.

 

WhatsApp clarifies it’s not giving all your data to Facebook after surge in Signal and Telegram users

WhatsApp has published a new FAQ page to its website outlining its stances on user privacy in response to widespread backlash over an upcoming privacy policy update. The core issue relates to WhatsApp’s data-sharing procedures with Facebook, with many users concerned an updated privacy policy going into effect on February 8th will mandate sharing of sensitive profile information with WhatsApp’s parent company. That isn’t true — the update has nothing to do with consumer chats or profile data, and instead the change is designed to outline how businesses who use WhatsApp for customer service may store logs of its chats on Facebook servers. That’s something the company feels it is required to disclose in its privacy policy, which it’s now doing after previewing the upcoming changes to business chats back in October. 

 

Ring fixes one of its biggest flaws with rollout of end-to-end encryption

Amazon-owned home security firm Ring is making good on its promise from September last year and finally rolling out a technical preview for end-to-end encryption on its security cameras. The company has been mired in controversy over the years. Its employees were, in a 2019 report, found to have unfettered access to users’ video streams for years, with the company’s execs justifying the lack of encryption because “encryption would make the company less valuable.” In the same year, Ring’s Neighbors platform was found to be secretly sharing GPS coordinates, which could be a serious privacy hazard. End-to-end encryption should, therefore, be a welcome addition for privacy-conscious users, as it will prevent Ring from having the ability to tune into your video streams. At the same time, it will also prevent law enforcement agencies from forcing Ring to share your video streams with them because without the appropriate key for decryption, all Ring can hand over is a jumble of encrypted code.

Related Posts