
AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets – February 11, 2019

Foreign VPN apps need a close look from DHS, senators say

The Department of Homeland Security should assess the security threat posed by foreign VPN applications to U.S. government employees, a bipartisan pair of senators says. Some popular VPN apps send a phone’s web-browsing data to servers in countries interested in targeting federal personnel, raising “the risk that user data will be surveilled by those foreign governments,” Sens. Marco Rubio, R-Fla., and Ron Wyden, D-Ore., wrote in a letter to DHS Thursday. VPN providers promise to obfuscate the physical location of a web browser, but users are generally at the mercy of those companies’ decisions to collect and log data. The senators cite government warnings about products made by Chinese telecommunications companies and Russian antivirus vendor Kaspersky Lab as examples of the surveillance that certain foreign technology can enable.

Movie and TV-tracking service Trakt belatedly discovers 2014 breach

The California-based company, which allows viewers to track the programs and films they watch, reportedly sent an email to its subscribers informing them that an unauthorized party used a PHP programming language exploit back in December 2014 to capture user data. “Although this happened in 2014, we only recently discovered this, and wanted to promptly provide notice as part of our commitment to your privacy,” the email states, according to multiple news outlets. Trakt advises recipients to look out for a second email with a link to reset their passwords. Affected information included users’ emails, usernames, encrypted passwords, names and locations stored. Payment information was not impacted, however, because it was stored separately.

Apple is telling developers to disclose secret screen recordings or face ‘immediate action’

Following revelations yesterday regarding the use of session replay tech among big-name travel apps that recode iPhone users’ screens, Apple is now telling developers to either remove the code responsible or disclose it to users, according to a new report from TechCrunch. The punishment for failing to do so could be as severe as having the offending app forcibly removed from the App Store. Apple confirmed to the publication that its App Store Review Guidelines prohibit this kind of activity without first gaining proper consent from a user. “Protecting user privacy is paramount in the Apple ecosystem. Our App Store Review Guidelines require that apps request explicit user consent and provide a clear visual indication when recording, logging, or otherwise making a record of user activity,” an Apple spokesperson tells TechCrunch.

Phishers Target Anti-Money Laundering Officers at U.S. Credit Unions

A highly targeted, malware-laced phishing campaign landed in the inboxes of multiple credit unions last week. The missives are raising eyebrows because they were sent only to specific anti-money laundering contacts at credit unions, and many credit union sources say they suspect the non-public data may have been somehow obtained from the National Credit Union Administration (NCUA), an independent federal agency that insures deposits at federally insured credit unions. The USA Patriot Act, passed in the wake of the terror attacks of Sept 11, 2001, requires all financial institutions to appoint at least two Bank Secrecy Act (BSA) contacts responsible for reporting suspicious financial transactions that may be associated with money laundering. U.S. credit unions are required to register these BSA officers with the NCUA.

‘Drinkable’ potato chips: the products keeping your phone grease-free

Among the concerns facing today’s social media maven: how can one scroll through Instagram and enjoy a bag of potato chips without getting their phone all greasy? It’s a dilemma Steve Jobs was never able to solve, but that hasn’t stopped today’s innovators. A Japanese snack company is offering chips that require only a single hand to consume – and you don’t have to touch the chips at all. The Tokyo company Koike-ya is behind One Hand Chips, which come pre-smashed so that you can essentially drink them, according to the Wall Street Journal. Now you can swipe with clean hands, and while the calories pile up, you don’t have to waste valuable energy chewing. As one enthusiast tells the paper: “I can just take it and chug it.”

Google makes it easier for cheap phones and smart devices to encrypt your data

Encryption is an important part of the whole securing-your-data package, but it’s easy to underestimate the amount of complexity it adds to any service or device. One part of that is the amount of processing encryption takes — an amount that could be impractical on small or low-end devices. Google wants to change that with a highly efficient new method called Adiantum. Here’s the problem. While encryption is in a way just transforming one block of data reversibly into another, that process is actually pretty complicated. Math needs to be done, data read and written and reread and rewritten and confirmed and hashed. For a text message that’s not so hard. But if you have to do the same thing as you store or retrieve megabyte after megabyte of data, for instance with images or video, that extra computation adds up quickly.

AT&T sued by Sprint, must defend decision to tell users that 4G is “5G E”

Sprint is suing AT&T, alleging that AT&T’s misleading “5G E” advertising campaign violates laws prohibiting false advertising and deceptive acts and practices. AT&T renamed a large portion of its 4G network, calling it “5G E,” for “5G Evolution.” But as we’ve written, what AT&T calls 5G E consists of technologies that are part of the years-old 4G LTE-Advanced standard and are already used by Verizon, T-Mobile, and Sprint on their 4G networks. Despite that, AT&T has been advertising this supposed upgrade to 5G E and even changing network indicators on smartphones from 4G to 5G E. “By making the false claim that it is offering a 5G wireless network where it offers only a 4G LTE Advanced network, AT&T is attempting to secure an unfair advantage in the saturated wireless market,” Sprint wrote in a complaint filed yesterday in US District Court for the Southern District of New York.

Microsoft security chief: IE is not a browser, so stop using it as your default

Is Internet Explorer (IE) a browser? According to Microsoft, no. Today, it’s a ‘compatibility solution’ for enterprise customers to deal with legacy sites that should be updated for modern browsers. Chris Jackson, Microsoft’s worldwide lead for cybersecurity, really doesn’t want enterprise customers to use IE for all web traffic, even though for some organizations that would be the easiest option. Companies in that situation are willing to take on ‘technical debt’, such as paying for extended support for legacy software, but that habit needs to stop in the case of IE, argues Jackson in a new blog post, ‘The perils of using Internet Explorer as your default browser’.

U.S. must prevent air accidents involving drones, lawmaker warns

The commercial drone industry could be torpedoed if there were a serious accident involving a drone and a commercial aircraft, the chairman of the U.S. House Transportation and Infrastructure Committee warned on Friday. Representative Peter DeFazio, a Democrat, said at a speech in Washington that regulators had to take the threat seriously. “This is really serious when these things are flying around and it could kill the commercial drone industry,” DeFazio said, adding that if a toy drone “takes down a plane” there would be public outcry to ground the devices. The issue of threats by drones to commercial air traffic came to the fore after London’s second busiest airport, Gatwick Airport, was severely disrupted in December when drones were sighted on three consecutive days.

Spotify will now suspend or terminate accounts it finds are using ad blockers

Spotify will take a harder stance on ad blockers in its updated terms of service. In an email to users today, the streaming music and podcast platform said its new user guidelines “mak[e] it clear that all types of ad blockers, bots and fraudulent streaming activities are not permitted.” Accounts that use ad blockers in Spotify face immediate suspension or termination under the new terms of service, which go into effect on March 1. The new guidelines specify that “circumventing or blocking advertisements in the Spotify Service, or creating and distributing tools designed to block advertisements in the Spotify Service” may now result in “immediate termination or suspension of your Spotify account.” Ad blockers have long been a headache for Spotify.

Google’s top policy chief calls for ‘common rules of the road’ globally for tech regulation

Google’s top policy chief has called for “common rules of the road” globally when it comes to the regulation of technology, amid ongoing debate around the world on how to create legislation for the internet economy. Karan Bhatia, vice president of global public policy and government relations at Google, said that while a one size fits all approach to regulation would not work, he would welcome some “convergence” of regulation globally. “Some coordination on this, some level of collaboration, I think is going to be absolutely critical. We are very supportive of international efforts on multiple fronts to sort of create that level of dialogue and ideally common rules of the road,” Bhatia said during a CNBC-hosted panel at the World Government Summit in Dubai on Sunday.

Instagram and Facebook will start censoring ‘graphic images’ of self-harm

Starting soon, both platforms will no longer allow any “graphic images of self-harm” most notably those that depict cutting. This content was previously allowed because the platforms worked under the assumption that allowing people to connect and confide around these issues was better than the alternative. After a “comprehensive review with global experts and academics on youth, mental health and suicide prevention,” those policies are shifting. “… It was advised that graphic images of self-harm – even when it is someone admitting their struggles – has the potential to unintentionally promote self-harm,” Mosseri said.
