AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 04/05/2023

‘Smart’ tech is being weaponised by domestic abusers, and women are experiencing the worst of it 

Readers may be familiar with the famous Dolly Parton line “It costs a lot of money to look this cheap”. I like to paraphrase it. If I have a guest at my home, I’ll sweep my hand across the room and say: “Friend, it took a lot of learning to live this dumb.” No, I’m not talking about learning to wear my Danny Dyer T-shirts with pride. I’m talking about my refusal to sign up to smart tech: the internet-connected versions of quotidian household machinery that are becoming commonplace in our modern lives – and increasingly being used by domestic abusers to target their victims. 


Hackers Can Remotely Open Smart Garage Doors Across the World 

Hackers can remotely tap into a particular brand of smart garage door opener controllers and open them across the world due to a series of security vulnerabilities that the brand, called Nexx, has declined to fix, according to findings from a security researcher. The vulnerabilities pose a serious risk to users of Nexx, which offers wi-fi enabled garage door opener controllers among other products. The researcher who discovered the issue says that Nexx has not responded to their attempts to responsibly report the vulnerabilities for months, according to a copy of an email shared with Motherboard.


Uber has internal data stolen in yet another cyberattack 

A recent supply chain attack has resulted in sensitive data belonging to Uber drivers being stolen once again. The Register picked up on a breach notification sent to affected drivers by the law firm Genova Burns which said that in late January 2023 it “became aware” of suspicious activity in its internal information systems.  After bringing in outside forensic and data security specialists, the company determined that an “unauthorized third party” (no groups or individuals were named) accessed its systems between January 23 and 31, 2023. During that time, the threat actor stole data including Uber drivers’ names, Social Security Numbers, and in some cases, Tax Identification numbers. 


Notorious stolen credential warehouse Genesis Market seized by FBI 

A notorious source of stolen credentials, genesis.market, has had its website seized by the FBI. Security vendor Sophos has identified genesis.market as “an invitation-only marketplace” from which buyers can acquire “stolen credentials, cookies, and digital fingerprints that are gathered from compromised systems.” Sophos described the stolen data souk as an initial access broker (IAB) – a business that compromises systems and services, steals data, and sells it. Genesis.market specialized in lifting “credentials, cookies, and digital fingerprints” and not only sold that data but offered a subscription service to provide up-to-date information on individuals it tracked. 


US President Joe Biden urges tech firms to address risks of AI 

United States President Joe Biden stated on Tuesday that the safety of artificial intelligence (AI) is still uncertain, and emphasized that technology firms should ensure their products are secure before releasing them to the public. During a meeting with science and technology advisers, Biden acknowledged that AI could be beneficial in tackling issues such as disease and climate change. However, he stressed the significance of addressing possible risks to society, national security and the economy. 


New Strain of Rorschach Ransomware Targeting US Firms

Check Point Research has shared details of previously undocumented ransomware, dubbed Rorschach, which they regard as the fastest-ever ransomware discovered so far. Researchers noticed that an unnamed US-based organization is one of the victims of Rorschach. It’s not surprising that new strains of ransomware are emerging, given the increasing number of ransomware attacks and the constant development of new evasion techniques by cybercriminals. Recently, researchers discovered a new ransomware strain called Cylance that targets both Linux and Windows devices. 
