AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 03/10/2021

Stalkers won’t be able to track victims via hidden AirTags

It won’t be possible for someone to hide an AirTag on you and track your location without permission. iPhones will notify their users if one of Apple’s item tracker tags is moving along with them. AirTags haven’t been formally announced, but the latest iOS 14.5 beta adds an “Items” tab to the built-in Find My application so users can search for these tags. A setting in the new tab shows that AirTags apparently won’t be a stalker’s dream. The upcoming version of the Find My app will add optional “Item Safety Alerts.” Apple has yet to explain precisely what these do, but disabling the alert results in the warning, “The owner of an unknown item will be able to see your location and you will no longer receive notifications when an unknown item is found moving with you.” By obvious extension, when the alerts are on, you will be notified if an unknown item tracker is moving with you.


SpaceX wants to beam Starlink internet to vehicles on Earth

Elon Musk’s other company (or at least, the one that’s getting the most headlines lately), SpaceX, wants to spread its Starlink internet to more places. Specifically, to vehicles, ships and planes right here on Earth. Fan blog Tesmanian first published a Federal Communications Commission filing request from SpaceX last Thursday asking the government agency to provide it “a blanket license authorizing operation.” If granted, SpaceX would have the authority to beam Starlink internet service to all sorts of transportation methods in the US. The company said in its filing this would serve public interest since it would authorize “a new class of ground-based components for SpaceX’s satellite system that will expand the range of broadband capabilities available to moving vehicles throughout the United States and to moving vessels and aircraft worldwide.” 


Why Facebook and Apple are fighting over your iPhone

Your iPhone will soon be a battlefield in the clash between Apple and Facebook. When Apple updates iOS14, its iPhone and iPad operating system, in the next few weeks, you and up to about 1 billion or so of its users will face a decision: Do you want apps like Facebook to keep collecting data to offer personalized ads across other sites and apps? iPhone users currently can go into settings to prevent cross-site tracking. But Apple is adding this “App Tracking Transparency” feature to give consumers more control over how their data is handled.  So while tech titans Facebook and Apple are facing off over privacy and the collection of user data, the real conflict runs deeper, hitting at how they operate and make money.


Exposed admin password leads to massive surveillance camera breach at hundreds of businesses

A small group of hackers viewed live and archived surveillance footage from hundreds of businesses including Tesla Inc by gaining administrative access to camera maker Verkada over the past two days, one of the people involved in the breach told Reuters. Swiss software developer Tillie Kottmann, who has gained attention for finding security flaws in mobile apps and other systems, shared with Reuters recordings from inside a Tesla factory in China and showroom in California. Additional footage came from an Alabama jail, hospital rooms, a police interview area and a community gym. Kottmann declined to identify other members of the group. The hackers sought to draw attention to the pervasive monitoring of people after having found login information for Verkada’s administrative tools publicly online this week, Kottmann said. Verkada acknowledged an intrusion, saying it had disabled all internal administrator accounts to prevent unauthorized access.


Idaho Man Charged With Hacking Into Computers in Georgia

An Idaho man faces federal charges after authorities say he hacked into the computers of a Georgia city and Atlanta area medical clinics. Robert Purbeck — who used online aliases Lifelock and Studmaster — was indicted Tuesday by a federal grand jury in Georgia, according to a news release from the U.S. attorney’s office in Atlanta. He’s charged with computer fraud and abuse, access device fraud and wire fraud. Purbeck, who’s 41 and lives in Meridian, Idaho, was arrested and appeared before a federal magistrate judge in Boise, the release says. No lawyer for Purbeck who might be able to comment on the charges was listed in online court records. Between June 2017 and April 2018, Purbeck is accused of buying the usernames and passwords to computer servers belonging to multiple Georgia victims and then using that information to access their computer to steal personal information.

Related Posts