AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 01/20/2021

How one hacker’s push to secure the internet became a crucial part of Mac, Linux, and Windows operating systems

Jason A. Donenfeld is relentlessly curious about everything, from ancient cities to cutting edge cryptography. When he’s not developing WireGuard, known as the most secure VPN protocol in the world, the security researcher enjoys exploring the vast network of centuries-old limestone tunnels beneath Paris. Donenfeld, who is 32, originally came to Paris in 2010, after landing a summer gig writing shape packing algorithms, and then moved to the city fully in 2012, working as a vulnerability researcher. His work finding vulnerabilities for companies led him to doubt the security of popular VPN protocols. He thought the dizzying complexity, bloated implementations, and often outdated cryptography made for a worrisome attack surface. In 2015, he started developing WireGuard.

 

Amazon opens Alexa AI tech for the first time so car makers can build custom assistants

Amazon will now allow third-party companies the unprecedented privilege of accessing the core artificial intelligence underpinning its Alexa digital assistant, a first for the company’s AI platform. While Amazon has allowed companies to build skills for Alexa and allows pretty much any consumer electronic device maker to integrate Alexa into a compatible product, the e-commerce giant has not licensed the underlying AI tech for use in other assistant-like products. Amazon is calling the new offering Alexa Custom Assistant, and it’s starting out with a focus on the auto market. Amazon is doing so to allow not just automobile manufacturers, but any company with a need for a digital voice assistant more control over the software experience. This will allow companies to create their own wake words and custom voices and capabilities Amazon says will “co-exist” with Alexa as it’s designed to work today. For the auto market, this provides Amazon the added benefit of having its software built directly into cars.

 

Privacy-focused search engine DuckDuckGo grew by 62% in 2020

The privacy-focused search engine DuckDuckGo continues to grow rapidly as the company reached 102M daily search queries for the first time in January. DuckDuckGo is a search engine that builds its search index using its DuckDuckBot crawler, indexing WikiPedia, and through partners like Bing. The search engine does not use any data from Google. What makes DuckDuckGo stand out is that they do not track your searches to build a user profile or share any personal or identifying data with third-party companies, including ad networks. “Each time you search on DuckDuckGo, you have a blank search history, as if you’ve never been there before,” DuckDuckGo explains in their privacy blog. As people are increasingly becoming more concerned about how their data is being used online, DuckDuckGo has seen huge growth on a year-by-year basis.

 

Stolen credit card shop Joker’s Stash closes after making a fortune

The administrator of Joker’s Stash, a popular and one of the longest-running marketplace for cybercriminals to purchase stolen credit cards, announced on Friday that they would permanently shut down the operation next month. They published messages on multiple cybercriminal forums to inform about the retirement, set for February 15, and that all servers and backups would be wiped. “It’s time for us to leave forever,” the administrator wrote, adding in caps that “we will never ever open again,” as a warning about possible impostors trying to capitalize on the move by impersonating them. The illegal card shop opened in 2014 and became famous for providing fresh stolen credit card data and a promise of card validity; some of the cards were touted to be exclusive to Joker’s Stash.

 

The Changing Dynamics of Cyber Insurance

Almost exactly a year ago, cybersecurity professionals were locked in a heated debate about insurance. While some were keen to point out that the future of the industry would need to include some form of insurance market, others argued that cyber insurance would never be worth the premiums, especially given the inherently volatile nature of cybersecurity. The pandemic has changed all of that. According to the FBI, cyberattacks have increased by almost 400% since the start of the pandemic, and 68% of companies have reported that they’ve seen increases in fraud. In addition to this rising threat level, we’ve also seen attacks on many companies that had previously been regarded as low-risk, especially mid-sized enterprises. This has led, unsurprisingly, to a booming market in cyber insurance. In this article, we’ll take a look at how the market has changed in the last 12 months and where it will go from here.

 

Cybersecurity teams are struggling with burnout, but the attacks keep coming

Cybersecurity teams are facing new challenges to how they work as the Covid-19 pandemic has forced many security operation centres (SOC) to work remotely while also having to deal with new threats – all of which is leading to higher workloads and an increase in burnout for staff. Research by the Ponemon institute and Respond Software surveyed information security staff and found that the coronavirus pandemic is increasing hours and workloads of staff in a profession that was already a high intensity environment for people to work in. The events of 2020 saw many office-based teams shift to working remotely and that was the same for a significant number of cybersecurity personnel. More than one third of SOC environments shifted to working remotely as a result of the pandemic. While this has understandably happened to protect people from the virus, over half of those now working remotely say it’s had an impact on operations.

 

OpenWRT reports data breach after hacker gained access to forum admin account

The maintainers of OpenWRT, an open-source project that provides free and customizable firmware for home routers, have disclosed a security breach that took place over the weekend. According to a message posted on the project’s forum and distributed via multiple Linux and FOSS-themed mailing lists, the security breach took place on Saturday, January 16, around 16:00 GMT, after a hacker accessed the account of a forum administrator. “It is not known how the account was accessed: the account had a good password, but did not have two-factor authentication enabled,” the message reads. The OpenWRT team said that while the attacker was not able to download a full copy of its database, the attack did download a list of forum users, which included personal details such as forum usernames and email addresses.

Related Posts