AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets – April 11, 2019

A new component discovered by researchers at Chronicle, a cybersecurity company owned by Google parent Alphabet, suggests that a fourth team was involved in the early development of the notorious Stuxnet malware. Stuxnet, believed to have been developed by the United States and Israel, is a worm designed to target industrial systems. It became known as the world’s first cyber weapon after it caused serious damage at Iranian nuclear facilities. Stuxnet has been extensively analyzed and researchers have found ties to several other threats, including Duqu, Flame and malware developed by the NSA-linked Equation Group. Chronicle has introduced the concept of Supra Threat Actor (STA), which describes threat actors representing multiple countries, institutions or groups. The STA that is believed to have developed Stuxnet has been dubbed GOSSIPGIRL.

 

2 House Democrats Pass Bill to Restore Net Neutrality

Democrats in the U.S. House of Representatives made good on a campaign promise on Wednesday, passing legislation that would effectively reinstate in its entirety the 2015 Open Internet Order—rules that, for a brief time, ensured net neutrality was the law of the land. The bill passed in a 232-190 vote, with only one Republican voting in favor of the legislation. The Save the Internet Act, introduced by Congressman Michael Doyle Jr. last month, would codify into law consumer protections that existed prior to the Federal Communications Commission’s December 2017 repeal of its net neutrality rules. The bill prohibits broadband-access providers such as AT&T and Comcast from blocking or slowing internet content or offering select businesses so-called “fast lanes.”

 

3 New Space ISAC plans to elevate the industry's awareness of cyberthreats

At a time when corporations are planning to blanket the heavens with high-tech hardware, the space industry is responding with the creation of an information sharing and analysis center — a nonprofit organization that helps to track cyberthreats for member companies and related government agencies. The Space Information Sharing and Analysis Center (S-ISAC) will be housed in Colorado Springs, Colorado, within the National Cybersecurity Center, itself a nonprofit, nongovernmental organization created to improve awareness about securing cyberspace. S-ISAC has not released much public information about how it plans to coordinate the space industry around its mission, but a news release from its founding company — Kratos Defense and Security Solutions — says the ISAC was created in response to long-recognized “information sharing gaps within the cybersecurity and space community.”

 

4 How Artificial Intelligence Can Help in the Fight Against Human Trafficking

A group of computational researchers, experts in artificial intelligence (AI) and other members of the technology community is joining forces with policy experts, law enforcement officials, activists and survivors to help put the pieces together. "Imagine the techniques that Google and Facebook are using to make a profit—understanding people, the way they connect, what their interests are, what they might buy or the activities they engage in," says Lopresti. "We can apply those same techniques—data mining, text mining, what's called graph mining—AI that's being used for legitimate and really profitable purposes, to track these illicit behaviors." Although traffickers have embraced the internet and social media platforms to recruit potential victims and advertise to customers, Lopresti says, the same networks provide opportunities for rooting out criminal activity.

 

5 New Vulnerabilities in Verizon Routers Expose Millions of Consumers

Tenable®, Inc., the Cyber Exposure company, today announced that its research team has discovered multiple vulnerabilities in Verizon Fios Quantum Gateway routers. If exploited, the vulnerabilities would give an attacker complete control over the router and visibility into everything connected to it. Millions of these devices are currently in use in U.S. homes. The rise of the smart home has turned the humble router into a top target for cybercriminals. These latest vulnerabilities discovered by Tenable Research (CVE-2019-3914, CVE-2019-3915 and CVE-2019-3916) enable a number of attack scenarios that extend to smart devices, such as home security systems, that are connected to the router and can be compromised remotely. An attacker could tamper with the security settings of the device, change firewall rules or remove parental controls. They could sniff network traffic to further compromise a victim’s online accounts, steal bank details and swipe passwords.

 

6 Equifax forced to report to the Privacy Commissioner of Canada for six years as a result of 2017 data breach

The Office of the Privacy Commissioner of Canada will monitor American credit agency Equifax Inc. for the next six years after an investigation into a massive data breach of personal information at the firm in 2017. On Tuesday, the federal overseer of Canada’s privacy laws released the results of its investigation, finding as many as 19,000 Canadians were ultimately affected. Equifax offers credit monitoring services. It also conducts credit checks on behalf of lenders, or other organizations. For example, consumers wanting to buy a car would have their personal information run through a company like Equifax to determine whether they would qualify for a loan. While the personal information of Canadians was found in the data that was obtained by hackers, including credit reports and payment card details, American consumers were hit worse. More than 209,000 consumers’ credit card credentials were taken in the attack, millions more had personal information like social insurance numbers, driver’s licence numbers or banking information stolen.

Related Posts