AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 03/01/2023

Google Chrome optimizations improve battery life on Macs 

The latest version of Google Chrome for macOS (110.0.5481.100) includes new optimizations that increase battery life on MacBooks. Google’s tests on an M2-powered 13-inch MacBook Pro running macOS “Ventura” 13.2.1 allowed generic internet browsing for 17 hours and YouTube video watching for 18 hours. If Chrome’s Energy Saving mode is also activated, the browsing time on macOS may be extended by another 30 minutes. 

 

U.S. Marshals Service suffers ‘major’ security breach that compromises sensitive information, senior law enforcement officials say 

The U.S. Marshals Service suffered a security breach over a week ago that resulted in the compromise of sensitive information, multiple senior U.S. law enforcement officials said Monday. In a statement Monday, U.S. Marshals Service (USMS) spokesperson Drew Wade acknowledged the breach, telling NBC News: “The affected system contains law enforcement sensitive information, including returns from legal process, administrative information, and personally identifiable information pertaining to subjects of USMS investigations, third parties, and certain USMS employees.” Wade said the incident occurred on Feb. 17, when the Marshals Service “discovered a ransomware and data exfiltration event affecting a stand-alone USMS system.” 

 

CISA red-teamed a ‘large critical infrastructure organization’ and didn’t get caught 

Hackers working for the federal government only had moderate success in attacking a “large critical infrastructure organization” last year, but were able to get in and get out without being detected, the Cybersecurity and Security Infrastructure Agency (CISA) said Tuesday. CISA had the organization’s permission for the stealthy three-month “red team assessment” in 2022 to get a full view of the network’s weaknesses. Certain personnel at the organization had “some high-level details of the engagement,” the agency said. “Despite having a mature cyber posture, the organization did not detect the red team’s activity throughout the assessment, including when the team attempted to trigger a security response,” CISA said in a report intended to advise critical infrastructure companies about security measures. 

 

France aims to protect kids from parents oversharing pics online 

French parents had better think twice before posting too many pictures of their offspring on social media. On Tuesday, members of the National Assembly’s law committee unanimously green-lit draft legislation to protect children’s rights to their own images. “The message to parents is that their job is to protect their children’s privacy,” Bruno Studer, an MP from President Emmanuel Macron’s party who put the bill forward, said in an interview. “On average, children have 1,300 photos of themselves circulating on social media platforms before the age of 13, before they are even allowed to have an account,” he added. 

 

Dish Network Confirms Outage Was Due To Ransomware Attack 

American television provider and broadcast satellite provider Dish Network has confirmed what was behind a damaging outage that began last week. In a statement Dish confirmed that a ransomware attack was the cause of a multi-day network and service outage that began last Friday. The outage badly impacted the business, knocking offline Dish.com, the Dish Anywhere app, Boost Mobile (owned by Dish Wireless), and other websites and networks owned and operated by Dish Network. The firm’s call centre operation was also said to be unreachable. 

 

Illinois’ biometric privacy law provides blueprint as states seek to curb data collection 

Adozen states have introduced privacy legislation this year that would rein in companies’ unchecked ability to collect and sell consumers’ biometric data such as fingerprints and images of their faces. The bills are part of a wave of state-level privacy legislation that includes more than a dozen children’s online privacy bills as well as a growing number of bills modeled after the comprehensive privacy legislation that Congress introduced last yearConcerns over the collection and sale of biometric data have flared in recent years in light of the increased use of facial recognition technology, fingerprinting and iris scans. The rapid adoption of the technology has alarmed policymakers and security experts due to the uniquely sensitive nature of biometric data which, unlike a password or account number, is impossible to change if stolen or misused. 

Related Posts