AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 03/05/2021

Real estate group in Las Vegas launches fully autonomous security robot

A new spin to security. The Westland Real Estate Group has launched a fully autonomous security robot at its Liberty Village Apartments in northeast Las Vegas. The security robot is the first in the world to be used in a multi-family residence in an effort to improve the safety and security of residents. The security robot monitors the property through video and thermal-imaging cameras. Apartment Manager Carmen Batiz says it has many features to enhance security. “Besides patrolling, it also has a couple of features. Where there is an emergency on the property it has a button where the residents can click on it and it will automatically trigger for our security,” Batiz said. Batiz says she’s seen improvements in security and plans to bring in more security robots.

 

Brave buys a search engine, promises no tracking, no profiling

Brave, maker of the identically named privacy-focused web browser, has acquired its own search engine to offer as an alternative to Google Search and competing search engines that exist but aren’t all that visible in Google’s shadow. On Wednesday, the company plans to announce that it’s taking over Tailcat, a search engine developed by Cliqz, another privacy-focused browser biz that aspired to compete with Google and shut down last year. The deal, terms undisclosed, makes Cliqz owner Hubert Burda Media a Brave shareholder. Brave intends to make Tailcat the foundation of its own search service, Brave Search.

 

SolarWinds reports $3.5 million in expenses from supply-chain attack 

SolarWinds has reported expenses of $3.5 million from last year’s supply-chain attack, including costs related to incident investigation and remediation. Further expenses were recorded by SolarWinds after paying for legal, consulting, and other professional services related to the December hack and provided to customers for free. The incurred expenses reported so far were recorded through December 2020, with significant additional costs expected throughout the next financial periods. “Costs related to the Cyber Incident that will be incurred in future periods will include increased expenses associated with ongoing and any new claims, investigations and inquiries, as well as increased expenses and capital investments related to our ‘Secure By Design’ initiatives, increased customer support activities and other related matters,” the company said. “We expect to incur increased expenses for insurance, finance, compliance activities, and to meet increased legal and regulatory requirements.”

 

I see you: your home-working photos reveal more than you think!

Most of us now use online platforms routinely – in some countries, almost exclusively – to engage with work colleagues, friends, family and loved ones. One worrying trend is the posting online of photos of home-working setups, video calls, and virtual meetings. This trend has coined its own series of hashtags including #WorkFromHome, #WorkingFromHome, #RemoteWork, #HomeOffice. Others allude to the app used, such as #Zoom and #MSTeams. While the sharing of such photos may seem harmless and even a must-do at the time, the reality is that we are, once again, falling into the age-old trap of oversharing online and overlooking the risks. We are forgetting to ask ourselves: what might a criminal or fraudster do with this information? Fraudsters, scammers and other cybercriminals love when we share information openly online about our lives, personal or work-related.

 

Microsoft links new malware to SolarWinds hackers

Microsoft released details Thursday on later-stage malware the company says was used by the group behind the SolarWinds espionage campaign that breached several government agencies and private firms, including Microsoft and FireEye. A coordinated blog from FireEye provided a separate deep dive on one of the malware strains in the Microsoft post, but the firm was less confident about attributing it to the SolarWinds campaign. According to its blog, FireEye obtained a sample from a malware repository. Microsoft, who is now tracking this hacker group as Nobelium, said it discovered three new samples of malware apparently active in some compromised customer networks between August and September of last year. “These capabilities differ from previously known Nobelium tools and attack patterns, and reiterate the actor’s sophistication. In all stages of the attack, the actor demonstrated a deep knowledge of software tools, deployments, security software and systems common in networks, and techniques frequently used by incident response teams,” wrote Microsoft. Lawmakers and vendors alike believe Nobelium to be a facet of Russian intelligence.

 

Someone Is Hacking Cybercrime Forums and Leaking User Data

Since the beginning of this year, an unknown threat actor has been hacking cybercrime forums and leaking user data publicly or offering it for sale. At least four such forums have been breached to date, namely Verified in January, Crdclub in February, and Exploit and Maza in March. All are predominantly Russian-language forums and saw their breaches publicly disclosed elsewhere. Intelligence firm Intel 471, which has been closely following the hacks, says that, while the identity of the actor behind the attacks is unknown, the public nature of the attacks eliminates the possibility of a law enforcement operation. In January, a threat actor announced on underground forum Raid Forums that they breached Verified, an established Russian-language cybercrime forum. The adversary said they had Verified’s entire database, containing details on all registered users, including private messages, posts, threads, and hashed passwords. The hacker, who apparently was able to transfer $150,000 worth of cryptocurrency out of Verified’s wallet, was offering the database for $100,000.
