Our website may use cookies to improve and personalize your experience and to display advertisements (if any). Our website may also include cookies from third parties like Google Adsense or Google Analytics. By using the website, you consent to the use of cookies. We’ve updated our Privacy Policy. Please click on the button to check our Privacy Policy.

AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 04/14/2021

1 – Clubhouse CEO says user data was not leaked, contrary to reports

Clubhouse CEO Paul Davison said Sunday that a report claiming personal user data had been leaked was “false.” Cyber News reported a SQL database with users’ IDs, names, usernames, Twitter and Instagram handles and follower counts were posted to an online hacker forum. According to Cyber News, it did not appear that sensitive user information such as credit card numbers were among the leaked info. Clubhouse did not immediately reply to a request for more information from The Verge on Sunday. But Davison said in response to a question during a town hall that the platform had not suffered a data breach. “No, This is misleading and false, it is a clickbait article, we were not hacked. The data referred to was all public profile information from our app. So the answer to that is a definitive ‘no.’”

 

2 – A chat with DarkSide

If you would meet us on the street – you would never realize that we are cyberpests, because we are the same normal people like everyone else. Many have families and children, the only thing that these circumstances in which we found themselves in our country are. We have no hatred and desire to cause damage, we perceive our business as any other, the ultimate goal of which is profit. – Darkside. In August, 2020, when the ransomware group known as DarkSide introduced themselves via a press release on their web site, they made a point of immediately claiming that although their product might be new, they were not new kids on the block. Their announcement also stated what kinds of entities they did not attack, and that they only attacked companies that could pay the demanded amount — an amount they claim they determine by researching the companies they attack.

 

3 – Domino’s starts making autonomous pizza deliveries

If you order a pizza from Domino’s in Houston, a robot might drop off your dinner. The company will this week start making autonomous deliveries with the help of Nuro’s R2 robot, almost two years after it announced the project. Domino’s says R2 is the first fully self-driving, on-road delivery vehicle to receive regulatory approval from the Department of Transportation. On certain days and times, folks who order from a Domino’s location in Woodland Heights can choose to have R2 deliver their food. They can track R2’s location via text alerts or on the order confirmation page. Domino’s will provide customers with a PIN, which they can punch in on R2’s touchscreen to retrieve their order.

 

4 – FBI Accesses Computers Around Country to Delete Microsoft Exchange Hacks

On Tuesday the Department of Justice announced the FBI was given approval to access hundreds of computers across the United States running vulnerable versions of Microsoft Exchange Server software to remove web shells left by hackers who had earlier penetrated the systems. The news shows some of the more proactive steps law enforcement may take when faced with large scale hacking operations, and victims who are not willing or able to swiftly patch their systems. In short, the FBI obtained permission to access computers to remove artifacts of an earlier, high profile hacking operation in order to prevent further access to those machines by hackers.

 

5 – Apple quietly updated some of its top hardware due to security risks

According to reports, Apple made changes to the firmware of some of its processors in the fall of 2020 – but the alterations were reportedly never announced and apparently made mid-production. Spotted by Twitter user Andrew Pantyukhin, the changes were made to update the Secure Enclave component on the A12, A13, and S5 processors in Apple’s devices in the fall of 2020. As its name suggests, the Secure Enclave is a secure co-processor, that handles keys and other sensitive information such as bio-metrics. It is isolated from the main processor in order to provide an extra layer of security. The Secure Enclave is shipped with certain versions of the iPhone, iPad, Mac, Apple TV, Apple Watch and HomePod. 

Related Posts