AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 04/06/2021

Technology could make fighting COVID less restrictive but privacy will take a hit

Now that the world has completed a full circuit around the Sun with COVID as a passenger, it is possible to see which jurisdictions responded well, and which are still struggling to come to grips with the virus. Two of the nations held up as exemplars of how to fight COVID were Taiwan and New Zealand, but the approaches were very different: One has locked down parts of its population multiple times, and the other with more experience of respiratory viruses, has avoided such approaches. A recent academic paper published in the Journal of the Royal Society of New Zealand examined the two nations and raised a number of questions that deserve to be considered in light of a year of lockdowns, contact tracing, outbreaks, and other restrictions on the movement of people.


GitHub investigating crypto-mining campaign abusing its server infrastructure

Code-hosting service GitHub is actively investigating a series of attacks against its cloud infrastructure that allowed cybercriminals to implant and abuse the company’s servers for illicit crypto-mining operations, a spokesperson told The Record today. The attacks have been going on since the fall of 2020 and have abused a GitHub feature called GitHub Actions, which allows users to automatically execute tasks and workflows once a certain event happens inside one of their GitHub repositories. In a phone call today, Dutch security engineer Justin Perdok told The Record that at least one threat actor is targeting GitHub repositories where GitHub Actions might be enabled. The attack involves forking a legitimate repository, adding malicious GitHub Actions to the original code, and then filing a Pull Request with the original repository in order to merge the code back into the original. But the attack doesn’t rely on the original project owner approving the malicious Pull Request. Just filing the Pull Request is enough for the attack, Perdok said.


AMD Zen 3 CPUs vulnerable to Spectre-like attacks via PSF feature

US chipmaker AMD advised customers last week to disable a new performance feature if they plan to use CPUs for sensitive operations, as this feature is vulnerable to Spectre-like side-channel attacks. Called Predictive Store Forwarding (PSF), this feature was added to AMD CPUs part of the company’s Zen 3 core architecture, a processor series dedicated to gaming and high-performance computing, which launched in November 2020. The feature implements a technique called speculative execution, which works by running multiple alternative CPU operations in advance to make results available faster, and then discarding “predicted” data once deemed unneeded. But since 2018, the academic community has published research on a wide variety of attacks against “speculative execution,” attacks that have been used to break security barriers between apps inside the CPU and then leak app data via so-called side-channel attacks.


Tim Cook comments on Elon Musk, and AR/VR and Apple Car

In case you missed it, Apple’s CEO gave a 30-minute interview with Kara Swisher, which is available on all major streaming platforms in the form of a podcast. The majority of the conversation revolved around data privacy and security, but they also touched on other important topics for Cook and Apple. The boss commented on Elon Musk’s claims that Tesla’s boss offered to sell the company to Apple, but Cook ‘wouldn’t even take a meeting with him’. Apple’s head said he hasn’t met up with Musk, but strongly admires what Tesla’s been able to achieve, touching on the company’s consistency over the years. He finally shed some light on Apple’s own electric car! He expressed a strong opinion that ‘autonomous cars are robots’. He said there are many things that can be done with autonomous vehicles and ‘we’ll see what Apple does’. Cook also said that the company is constantly investigating many possible variations of a product, but many of them simply don’t see the light of day.


Supreme Court argument casts doubt on Facebook, Twitter free speech rights

In a ruling on a different matter, Supreme Court Justice Clarence Thomas has argued that social media platforms like Facebook and Twitter may not have a First Amendment right to regulate user commentary on their platforms. On Monday, the U.S. Supreme Court threw out a pending First Amendment case over Twitter’s ban of former President Donald Trump. Justice Thomas, however, weighed in on the issue with a 12-page opinion about the power of technology platforms. The Supreme Court Justice wrote that platforms like Twitter and Facebook “provide avenues for historically unprecedented amounts of speech, including speech by government actors.” Thomas added that the control over so much speech rests in the hands “of a few private parties.” “We will soon have no choice but to address how our legal doctrines apply to highly concentrated, privately owned information infrastructure such as digital platforms,” Thomas wrote. In his opinion, Thomas suggested that large social media platforms could be analogized to “common carriers” or “places of public accommodation.” In the past, the court has ruled that neither retains First Amendment rights.


Capital One Warns of More Data Leaked in 2019 Breach

Capital One is warning additional customers that their Social Security numbers may have been exposed in a massive 2019 breach. Meanwhile, a suspect in the breach is slated to go to trial in October, according to court documents. In a recent breach notification and a letter sent to customers, Capital One notes that following an additional internal investigation into the 2019 breach that included the theft of 106 million credit card records and personal data belonging to customers in the U.S. and Canada, the bank found that additional Social Security numbers may have been exposed. A notification and letter filed with California authorities last month did not specify how many additional Social Security numbers may have been exposed during the 2019 breach.


Google’s Supreme Court victory over Oracle hailed as ‘fantastic’ for small companies

The Supreme Court on Monday sided with Google in a $9 billion copyright fight with Oracle over software in billions of Android phones, in a ruling the Electronic Frontier Foundation hailed as “a fantastic win” for smaller companies trying to innovate. In the 6-2 opinion by Justice Stephen Breyer, the court found that Google did not violate copyright law when it used portions of Oracle’s Oracle’s Java application program interface to build the Android operating system. Siding with Google, the opinion found the copying constituted “fair use,” meaning Google didn’t have to get Oracle’s permission before using it. “The fair use analysis is really going to set a precedent that’s going to shape serious case law for many, many years to come,” Corynne McSherry, legal director at the Electronic Frontier Foundation, which filed an amicus brief on Google’s behalf, told Yahoo Finance.


Ransom Gangs Emailing Victim Customers for Leverage

Some of the top ransomware gangs are deploying a new pressure tactic to push more victim organizations into paying an extortion demand: Emailing the victim’s customers and partners directly, warning that their data will be leaked to the dark web unless they can convince the victim firm to pay up. “Good day! If you received this letter, you are a customer, buyer, partner or employee of [victim],” the missive reads. “The company has been hacked, data has been stolen and will soon be released as the company refuses to protect its peoples’ data.” “We inform you that information about you will be published on the darknet [link to dark web victim shaming page] if the company does not contact us,” the message concludes. “Call or write to this store and ask to protect your privacy!!!!”

Related Posts