AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 02/17/2021

Copycats emerge after researcher exploits design flaw to breach Microsoft, Apple, Tesla

Pseudonymous authors published more than 150 copycat packages just three days after Sonatype published research around a software supply chain flaw, attempting to exploit the vulnerabilities in the brief window before a patch. Ethical hacker and security researcher Alex Birsan posted a blog on Feb. 9 that detailed how he used dependency, or namespace confusion, “to push his malicious proof-of-concept (PoC) code to internal development builds of over 35 major tech organizations including Microsoft, Apple, Tesla, Uber and others.” Sonatype released its own analysis of his findings, the company said. Within 48 hours of reports emerging on Birsan’s findings, Sonatype’s automated malware detection systems, part of Nexus Intelligence, began flagging over 150 copycat npm packages published by different authors,” imitating Birsan’s PoC research, the company said. “We are actively seeing more of these packages coming in every few hours.”

 

Swiping right on Tinder? Watch out for cryptocurrency scams

As if dating wasn’t difficult enough already! New cryptocurrency scams are targeting people on popular dating sites and apps, such as Tinder. Don’t let your quest for love blind you to red flags. You “swipe right” on an attractive man or woman on a dating app, and the app instantly matches you with them. After starting up a conversation, the alleged mate quickly takes the conversation off the platform and to a texting app, such as WhatsApp or WeChat. Once on the texting app, the scammer starts talking about how they have a family member who is a successful cryptocurrency investor. This person has inside trading information that could make you rich! Your new love interest encourages you to take advantage of this “exclusive opportunity.” All you need to do is deposit money in a cryptocurrency trading platform. But once you make a deposit, the money is gone forever. Your new “love” blocks you on all platforms and stops replying to your messages.

 

Kia Motors America experiences massive IT outage across the US

Kia Motors USA is experiencing a nationwide outage affecting IT servers, self-payment phone services, dealer platforms, and phone support. The outage started Saturday when the Kia Owners Portal went offline and began displaying an error message stating that Kia was “experiencing an IT service outage that has impacted some internal networks.” The company’s phone self-help services are also impacted, with the customer support numbers stating that they have server issues that may affect their ability to help customers. Calling the Kia finance number also results in a pre-recorded message stating that the self-service option is not available due to scheduled maintenance. The outage also affects the company’s mobile apps, such as ‘Kia Access with UVO Link’, ‘UVO eServices’, and ‘Kia Connect’.

 

LastPass Free is dropping a crucial feature — Here are the best alternatives

LastPass is one of the most popular password managers on the market thanks to its robust feature set, affordable family plan, and most of all, its standout free tier. For users who joined based on that last advantage, today’s news is going to come as a serious disappointment as LastPass has announced that starting on March 16, LastPass Free users will no longer be able to sync their passwords across all of their devices. You will be limited to either syncing your passwords between computers (desktops and laptops) or mobile devices (phones, smartwatches, and tablets). This is a death blow for the free tier for most users as the ability to use a password manager everywhere is critical to its utility. 

 

This cybersecurity threat costs business millions. And it’s the one they often forget about

While ransomware is the cyberattack most feared by businesses, another form of cybercrime is slipping under the radar, one that is proving highly lucrative for internet fraudsters – and costly to business. A business email compromise (BEC) attack sees cyber criminals use social engineering to trick an employee at a business into transferring a large sum of money to an account controlled by the crooks. Often these messages pretend to be from someone the victim knows, such as their boss, a colleague or another known and trusted business contact. The attackers can steal hundreds of thousands of dollars just by sending a few emails – and by the time the victim has realised they’ve been duped by cyber criminals, it’s too late. And while ransomware is the most high profile form of cybercrime targeting businesses, it’s BEC scams that are the most financially damaging.

 

‘Fortnite’ developer Epic Games files EU complaint against Apple

Epic Games has filed an antitrust complaint with the European Union against Apple, continuing the two companies’ dispute over the App Store. As North Dakota rejected an anti-Apple bill drafted by an Epic Games lobbyist, the “Fortnite” developer has taken its complaints to the European Union. Despite being in dispute with both Apple and Google, Epic Games has singled out Apple for the complaint, which it says has eliminated competition. “What’s at stake here is the very future of mobile platforms.” says Epic Games CEO Tim Sweeney in a company blog post about the complaint. “Consumers have the right to install apps from sources of their choosing and developers have the right to compete in a fair marketplace.” “We will not stand idly by and allow Apple to use its platform dominance to control what should be a level digital playing field,” he continued. “It’s bad for consumers, who are paying inflated prices due to the complete lack of competition among stores and in-app payment processing. And it’s bad for developers, whose very livelihoods often hinge on Apple’s complete discretion as to who to allow on the iOS platform, and on which terms.”

Related Posts