AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 03/18/2021

Apple Maps now displays COVID-19 vaccination locations

Apple today updated Apple Maps with COVID-19 vaccination locations from VaccineFinder, a free, online service developed by Boston Children’s Hospital that provides the latest vaccine availability for those eligible at providers and pharmacies throughout the US. Users can find nearby COVID-19 vaccination locations from the Search bar in Apple Maps by selecting COVID-19 Vaccines in the Find Nearby menu or by asking Siri, “Where can I get a COVID vaccination?” The Apple Maps placecard for each vaccine site will include the operating hours, address, phone numbers, and a link to the provider’s website, where Maps users can learn more about available vaccines and book appointments. The initial rollout includes more than 20,000 locations, with Apple adding more sites in the coming weeks.

 

Magecart Attackers Save Stolen Credit-Card Data in .JPG File

Magecart attackers have found a new way to hide their nefarious online activity by saving data they’ve skimmed from credit cards online in a .JPG file on a website they’ve injected with malicious code. Researchers at website security firm Sucuri discovered the elusive tactic recently during an investigation into a compromised website using the open-source e-commerce platform Magento 2, Luke Leal from Sucuri’s malware research team said in a report posted online last week. “The creative use of the fake .JPG allows an attacker to conceal and store harvested credit card details for future use without gaining too much attention from the website owner,” he wrote.

 

BBB Tip: Hunting for a COVID-19 vaccine? Be careful sharing personal info

As more states open up COVID-19 vaccine appointments to all adult residents, demand is far outpacing supply. “Vaccine hunter” websites, online forums, and social media groups have sprung up, offering to help people find open appointments and leftover vaccine doses in their area. While most of these websites and online groups are legitimate resources, this situation is an ideal opportunity for scammers. Use caution when following links or providing personal information. Many vaccine hunting social media groups provide practical tips in finding open appointments, but they can also be a place for scammers to push phony vaccines and other cons.

 

America’s Drinking Water Is Surprisingly Easy to Poison

On Feb. 16, less than two weeks after a mysterious attacker made headlines around the world by hacking a water treatment plant in Oldsmar, Florida, and nearly generating a mass poisoning, the city’s mayor declared victory. “This is a success story,” Mayor Eric Seidel told the City Council in Oldsmar, a Tampa suburb of 15,000, after acknowledging “some deficiencies.” As he put it, “our protocols, monitoring protocols, worked. Our staff executed them to perfection. And as the city manager said, there were other backups. … We were breached, there’s no question. And we’ll make sure that doesn’t happen again. But it’s a success story.” Two council members congratulated the mayor, noting his turn at the press conference where the hack was disclosed. “Even on TV, you were fantastic,” said one. “Success” is not the word that cybersecurity experts use to describe the Oldsmar episode. They view the breach as a case study in digital ineptitude, a frightening near-miss and an example of how the managers of water systems continue to downplay or ignore years of increasingly dire warnings.

 

Mimecast reveals source code theft in SolarWinds hack

Mimecast has revealed the theft of its source code in a cyberattack linked to the SolarWinds breach. According to Mimecast’s security incident disclosure, published on March 16, a malicious SolarWinds Orion update was used to access the company’s production grid environment. The cloud and email security firm said “a limited number of source code repositories” were downloaded during a cyberattack in January, but added that the company currently has “no evidence” that this code was maliciously modified or that the loss will impact any existing products. “We have no evidence that the threat actor accessed email or archive content held by us on behalf of our customers,” Mimecast says. “We believe that the source code downloaded by the threat actor was incomplete and would be insufficient to build and run any aspect of the Mimecast service.”
