AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 04/12/2021

1 – Hackers Hacked as Underground Carding Site is Breached

Thousands of cyber-criminals have had their personal data leaked online after a popular carding forum was hacked, according to Group-IB. The Singapore-based security firm said it discovered that data belonging to users of the Swarmshop site was leaked to another underground forum on March 17. “The database was posted on a different underground forum and contained 12,344 records of the card shop admins, sellers and buyers including their nicknames, hashed passwords, contact details, history of activity and current balance,” explained Group-IB. “In addition to user data, the database exposed all compromised data traded on the website, including 623,036 payment card records issued by the banks from the US, Canada, the UK, China, Singapore, France, Brazil, Saudi Arabia, Mexico; 498 sets of online banking account credentials; and 69,592 sets of US Social Security Numbers and Canadian Social Insurance Numbers.”

 

2 – NSA About To Release Unclassified 5G Security Guidance

The National Security Agency, working with others, is creating new unclassified 5G security guidance to be published this spring, NSA Executive Director Wendy Noble said today. It will “outline threats and risks to 5G infrastructure,” Noble said and be based on work by the Enduring Security Framework (ESF), which is “currently assessing 5G adoption across the threat landscape and examining ways to minimize those risks to the US.” “Looking out on the 5G security horizon,” she said, “[NSA’s internal] research organization is investigating the role of artificial intelligence and machine learning in mitigating security risks. They are developing data analytics to define expected behavioral patterns, identify anomalies, and implement the zero-trust model. We look to data analytics to provide insight into network automation and orchestration, given the large amount of data that will traverse 5G networks and overwhelm network managers.”

 

3 – Google Forms and Telegram abused to collect phished credentials

Security researchers note an increase in alternative methods to steal data from phishing attacks, as scammers obtain the stolen info through Google Forms or private Telegram bots. Email remains the preferred method to exfiltrate stolen info but these channels foreshadow a new trend in the evolution of phishing kits. Analyzing phishing kits over the past year, researchers at cybersecurity company Group-IB noticed that more of these tools allow collecting stolen user data using Google Forms and Telegram. These are regarded as alternative methods for obtaining compromised data and account for close to 6% of what Group-IB analysts found, a share that is likely to increase in the short term. Storing the info in a local file in the phishing resource is also part of the alternative exfiltration methods and accounts for the highest percentage of all.

 

4 – Watch: Monkey uses Elon Musk’s Neuralink to play Pong with its mind

A new video released by Elon Musk’s Neuralink shows a monkey playing Pong using its mind and embedded brain-human interface. Neuralink is Musk’s brain-machine interface (BMI) company that allows electrodes placed in parts of the brain to interface with machines, computers, and even mobile devices. These electrodes are used to record brain activity as a person performs an activity or shows emotion. These signals can then be used to train Neuralink to perform actions with machinery or other implanted devices so that the person’s mind controls them. Neuralink demonstrates how they have trained a macaque monkey to use its brain-machine interface to play the Pong video game using its mind in a new video released today. To train the monkey, scientists embedded a BMI on both sides of the monkey’s brain and used its over 2,000 electrodes and a smoothy reward to teach the money how to play Pong using a joystick.

 

5 – US arrests suspect who wanted to blow up AWS data center

The FBI has arrested on Thursday a Texas man who planned to blow up one of the Amazon Web Services (AWS) data centers in an attempt to “kill of about 70% of the internet.” Seth Aaron Pendley, 28, of Wichita Falls, Texas, was arraigned in front of a Texas judge today and formally indicted with a malicious attempt to destroy a building with an explosive. The US Department of Justice said Pendley was arrested on Thursday after he tried to acquire C-4 plastic explosives from an undercover FBI employee in Fort Worth, Texas. The FBI said they learned of Pendley’s plans after the suspect confided in January 2021 via Signal, an encrypted communications app, to a third-party source about plans to blow up one of Amazon’s Virginia-based data centers. The source alerted the FBI and introduced the suspect to the undercover agent on March 31.

 

6 – Apple Agrees to Provide Executive to Testify At Upcoming App Store Senate Hearing

Apple has agreed to provide its chief compliance officer, Kyle Andeer, to the Senate Judiciary Committee’s antitrust panel for a hearing on anti-competitive practices for mobile app stores on April 21, according to Bloomberg’s Mark Gurman. Earlier this week, Apple refused to provide an executive for the hearing around anti-competitive practices on online stores. In a letter obtained by Bloomberg News, Apple says that it has deep respect for the role and job of the subcommittee and that it was simply seeking alternative dates for the hearing due to its coming trial with Epic Games, also about the App Store. “We have deep respect for your role and process on these matters and, as we told your staff, we are willing to participate in a hearing in the subcommittee,” Apple said. “We simply sought alternative dates in light of upcoming matters that have been scheduled for some time and that touch on similar issues.”

 

7 – Google allegedly gave its ad system an advantage with a special project

Texas thinks it might have an edge in its antitrust lawsuit against Google. MLex and the Wall Street Journal have found unredacted court documents showing that Google ran a program, Project Bernanke, that allegedly gave its ad purchasing system an edge over rivals. The internet giant used data from publishers’ ad servers to steer advertisers toward the price they’d have to pay for ad placements, but didn’t tell this to the publishers selling those ads. This amounted to insider trading, Texas claimed, as it could use exclusive info to undercut competing ad-buying systems and pay publishers less. An internal presentation from 2013 showed that Project Bernanke stood to make $230 million that year. Texas saw this as evidence Google was capitalizing on its advantage.

 

8 – Over 1.3M Clubhouse user accounts posted to hacker forum

The data of approximately 1.3 million Clubhouse users have been posted to a hacker forum, but the iOS app’s developers claim the platform wasn’t hacked, and that the data was publicly available information. Posted to a forum and openly visible, the SQL database includes many details about the users of the highly popular audio-based social network. Approximately data from 1.3 million users was scraped and placed into the database. The list of data in the database covers quite a lot of personal information, including the user ID for the account, the user’s name, username, Twitter and Instagram handles, follower and following counts, when the account was created, and who invited the user to join, reports Cybernews. While seemingly a lot of information, the data in the database is largely made up of information that could be publicly accessible elsewhere. It doesn’t include sensitive information such as a password or an email address, which could have been a more damaging scenario.

Related Posts