AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 02/22/2021

Clubhouse under scrutiny for sending data to Chinese servers

Clubhouse was launched about a year ago and was initially only used by Silicon Valley’s rich and famous. It is different from other social media in that it focuses on the spoken word. Clubhouse members can enter virtual rooms to listen in or participate in live conversations. The conversations can only be joined when they are live and the people having the conversation determine who is allowed to listen and who can talk. Recently Clubhouse went viral among Chinese-speaking audiences. But as soon as the Chinese government became aware of political discussions on the app, it was abruptly blocked by the country’s online censors, on Monday February 8, 2021. This line of events made some researchers wonder how private the conversations really were.

 

Drug companies look to AI to end ‘hit and miss’ research

The hunt for new medicines has often been more like a game of roulette than high-end science. But now the pharmaceutical sector is on the cusp of a transformation, as it delves into cutting-edge technology to come up with new treatments for diseases such as cancer, rheumatoid arthritis and Alzheimer’s. Artificial intelligence (AI) is set to improve the industry’s success rates and speed up drug discovery, potentially saving it billions of dollars, a recent survey by the analytics firm GlobalData has found. AI topped a list of technologies seen as having the greatest impact on the sector this year. Almost 100 partnerships have been struck between AI specialists and large pharma companies for drug discovery since 2015.

 

Sequoia Capital says it was hacked

Sequoia Capital told its investors on Friday that some of their personal and financial information may have been accessed by a third party, after a Sequoia employee’s email was successfully phished, Axios has learned. Sequoia is one of the largest and most successful venture capital firms in the world, with portfolio companies like Airbnb, DoorDash, and Robinhood. It also has invested in cybersecurity firms like FireEye and Carbon Black. Sequoia’s investors, known as limited partners, include university endowments, tech executives and charitable foundations. Sequoia told investors that it’s been monitoring the dark web, and has not yet seen any indication that compromised information is being traded or otherwise exploited.

 

New malware found on 30,000 Macs has security pros stumped

A previously undetected piece of malware found on almost 30,000 Macs worldwide is generating intrigue in security circles, which are still trying to understand precisely what it does and what purpose its self-destruct capability serves. Once an hour, infected Macs check a control server to see if there are any new commands the malware should run or binaries to execute. So far, however, researchers have yet to observe delivery of any payload on any of the infected 30,000 machines, leaving the malware’s ultimate goal unknown. The lack of a final payload suggests that the malware may spring into action once an unknown condition is met. Also curious, the malware comes with a mechanism to completely remove itself, a capability that’s typically reserved for high-stealth operations. So far, though, there are no signs the self-destruct feature has been used, raising the question why the mechanism exists. Besides those questions, the malware is notable for a version that runs natively on the M1 chip that Apple introduced in November, making it only the second known piece of macOS malware to do so. 

 

This is how WhatsApp will squeeze new privacy policy hold-outs

WhatsApp users who don’t accept the company’s controversial upcoming privacy policy will steadily lose functionality over a few weeks, as the Facebook-owned messaging platform squeezes them into agreeing with the new rules. Announced last month, the new privacy terms met with near-instant backlash, as they appeared to allow WhatsApp to share user data with other Facebook products and services. That led to an outflow of WhatsApp users hunting for a different messaging platform. The company pushed back with clarifications of just what the new terms mean, in an attempt to clear up the confusion. In a blog post last week WhatsApp said that opting into the privacy changes will be done at users’ “own pace” rather than forced in a single day. Nonetheless, there’s a deadline of May 15. Beyond that, it’s only now that details of just what the app experience will be for policy holdouts have emerged.

Related Posts