AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 02/16/2022

Outrage over Telenor Myanmar sale grows as more ties between military and new owner revealed

Activists in Myanmar have released troves of data linking the country’s military dictatorship to a company that will be purchasing a majority stake in Telenor Myanmar — a subsidiary of Norwegian telecom giant Telenor that controls the personal data of 18 million Myanmar subscribers. Telenor, which is owned and controlled by the Norwegian government, has faced significant backlash for weeks after it announced a decision to sell its telecom business in Myanmar to a notorious Lebanese company called M1 Group for $105 million. News outlets in Myanmar have reported that M1 is already telling regulators in the country that it plans to sell 80% of Telenor Myanmar to Shwe Byain Phyu, a company with deep, longstanding ties to the country’s brutal military, according to local activist group Justice for Myanmar. 


How the Russia-Ukraine conflict is impacting cybercrime

Intel 471 has been monitoring how the ongoing tension between Russia and Ukraine is impacting the cybercrime underground. While financially motivated actors have yet to show their inclination to leverage the conflict for personal gain, the recent change of course from Russian law enforcement in the form of arrests and takedowns shows that the country will leverage the underground for diplomatic advantage in the same way it does for its intelligence purposes. While there have been cyberattacks on Ukrainian entities over the past month, Intel 471 has not observed any evidence that these attacks have been carried out by financially motivated actors. An attack carried out in January, in which Ukrainian websites were defaced as a cover to launch destructive malware known as WhisperGate, has not attracted much attention from underground actors.


Sports brand Mizuno hit with ransomware attack delaying orders

Sports equipment and sportswear brand Mizuno is affected by phone outages and order delays after being hit by ransomware, BleepingComputer has learned from sources familiar with the attack. Mizuno is a Japanese sports equipment and sportswear company with over 3,800 employees and locations throughout Asia, Europe, and North America. The company sells a wide variety of sports equipment but is best known for its golf clubs, running sneakers, and baseball gear. Sources who spoke to BleepingComputer on the condition of anonymity said that Mizuno suffered a ransomware attack over the weekend of February 4th, targeting the USA corporate network.


FTC warns VoIP providers: Share your robocall info or get sued

The US Federal Trade Commission (FTC) said today that it will take legal action against Voice-over-Internet Protocol (VoIP) service providers who do not hand over information requested during robocall investigations. “Companies that receive FTC Civil Investigative Demands must promptly produce all required information,” said Samuel Levine, the Director of FTC’s Bureau of Consumer Protection. “These demands are not voluntary. Companies that don’t respond fully, or don’t respond at all, will have to answer to a federal district court judge, as these cases demonstrate.” The Commission charged Alcazar Networks in December 2020 with facilitating illegal telemarketing calls after it provided VoIP services to an Indian company that used “911” as the caller ID and impersonated the Social Security Administration. 


Ukrainian government says websites for banks, defense ministry hit with DDoS attacks

Websites for several banks and government agencies in Ukraine — including the Ministry of Defense, Ministry of Internal Affairs and the Armed Forces of Ukraine — were facing disruptions Tuesday, according to multiple sources. Ukraine’s Center for Strategic Communications and Information Security posted a message to Facebook late morning U.S. time saying the banks and the government were hit by a “massive” distributed denial-of-service (DDoS) cyberattack. The Ministry of Defense tweeted that it had “probably” been targeted with DDoS, and that it was communicating via Facebook and Twitter. The Ukrainian State Service of Special Communication and Information Protection called it a “powerful DDOS attack on a number of information resources,” and said experts were “taking all necessary measures to resist and localize the cyberattack.”


Chrome OS Flex is a brilliant iCloud solution for your obsolete Mac

Most Mac users wouldn’t dream of replacing macOS with anything but the latest update, but Google wants you to at least consider another option: Chrome OS. Google describes its new Chrome OS Flex as a “free and sustainable way” to install Google’s online OS on any Mac or PC. The target audience is cash-strapped schools and businesses looking for “modern computing with cloud-based management,” but it’s pretty tempting for regular users too. Chrome OS Flex offers the same breezy interface as you would get on a Chromebook (minus the Android apps) with Google’s expansive library of web apps and extensions running the show.
