AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 04/17/2023

TikTok ban gets final approval by Montana’s GOP legislature 

Montana’s House gave final passage Friday to a bill banning the social media app TikTok from operating in the state, a move that’s bound to face legal challenges but also serve as a testing ground for the TikTok-free America many national lawmakers envision due to concerns over potential Chinese spying. The House voted 54-43 in favor of the measure, which would make Montana the first state with a total ban on the app. It goes further than prohibitions already put in place by nearly half the states—including Montana—and the U.S. federal government that prohibit TikTok on government-owned devices. 

 

Twitter’s new limits may block your next tornado warning 

When tornadoes, flash floods and thunderstorms strike, or threaten to, the National Weather Service and broadcast meteorologists warn their followers using automated tweets, among other methods of dissemination. Twitter has long allowed users free access to systems that allow them to program such posts in response to external sources of information, be it the Weather Service’s alerts, the movement of Musk’s private jet or entries in the dictionaryBut as Musk evolves the social network toward paid features, Twitter warned users that it would limit the automated tweets, allowing 1,500 of them per month free — or, for a $100-a-month fee, as many as 50,000. Weather Service officials said that they expect a limit of 50 automated tweets during any 24-hour period — a threshold its accounts routinely surpass during the most dangerous weather events — and that Twitter officials told them no exceptions would be made. 

 

PSA: You might need your old iPhone to open WhatsApp on your new one 

An upcoming WhatsApp security feature means that you might need to authorize your old phone to allow your account to be moved to a new one … The new feature is known as Account Protect, and applies to both iPhones and Android smartphones. The company doesn’t go into details of exactly how this works – whether it is something you can do in advance, or whether you need both old and new phones at the same time. The latter possibility could pose problems for those who sell their old iPhone before buying their new one. 

 

‘I’ve got your daughter’: Mom warns of terrifying AI voice cloning scam that faked kidnapping 

A mother in Arizona is warning others about a terrifying phone scam involving artificial intelligence that can clone a loved one’s voice. Jennifer DeStefano said she got a call from an unfamiliar phone number and almost let it go to voicemail. However, her 15-year-old daughter was out of town skiing, so she picked up the phone, fearing maybe there had been an accident. “I pick up the phone and I hear my daughter’s voice, and it says, ‘Mom!’ and she’s sobbing,” DeStefano recalled. “I said, ‘What happened?’ And she said, ‘Mom, I messed up,’ and she’s sobbing and crying.” DeStefano said she then heard a man’s voice say, “Put your head back, lie down.” 

 

‘Stop or I’ll fire you’: the driver who defied Uber’s automated HR 

Alexandru Iftimie, a 39-year-old who came to the UK from Romania seven years ago, was just about making ends meet as an Uber driver during the pandemic when he got an unexpected message from the ride-sharing app. “I received a warning: ‘We detected some fraudulent activity, therefore you have to stop otherwise I have to fire you,’” he recalls. “I said: ‘It has to be a mistake, I know I haven’t done anything.’ But two weeks later, I received another one: exactly the same message, with the difference that this time they were saying: ‘It’s the last warning. One more time, you’re done.’” 

 

Kodi Confirms Data Breach: 400K User Records and Private Messages Stolen 

Open source media player software provider Kodi has confirmed a data breach after threat actors stole the company’s MyBB forum database containing user data and private messages. What’s more, the unknown threat actors attempted to sell the data dump comprising 400,635 Kodi users on the now-defunct BreachForums cybercrime marketplace. “MyBB admin logs show the account of a trusted but currently inactive member of the forum admin team was used to access the web-based MyBB admin console twice: on 16 February and again on 21 February,” Kodi said in an advisory. 

Related Posts