AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 04/20/2023

The Car Thieves Using Tech Disguised Inside Old Nokia Phones and Bluetooth Speakers 

A man sitting in the driver’s seat of a Toyota is repeatedly tapping a button next to the steering wheel. A red light flashes—no luck, the engine won’t start. He doesn’t have the key. In response, the man pulls up an unusual tool: a Nokia 3310 phone. The man plugs the phone into the car using a black cable. He then flicks through some options on the 3310’s tiny LCD screen. “CONNECT. GET DATA,” the screen says. 


An earlier supply chain attack led to the 3CX supply chain attack, Mandiant says 

The supply-chain attack against 3CX last month was caused by an earlier supply-chain compromise of a different software firm — Trading Technologies — according to Mandiant, whose consulting crew was hired by 3CX to help the VoIP biz investigate the intrusion. “This is the first time that we’ve ever found concrete evidence of a software supply chain attack leading to another software supply chain attack,” Mandiant Consulting CTO Charles Carmakal told reporters on Wednesday. This, of course, also means that 3CX probably wasn’t the only company compromised in the earlier supply-chain attack. “What we are concerned about is that there are likely victims from before that haven’t yet discovered that they are a victim, and will likely discover that they were compromised as we get this information out,” Carmakal said. 


ChatGPT’s Data Protection Blind Spots and How Security Teams Can Solve Them 

In the short time since their inception, ChatGPT and other generative AI platforms have rightfully gained the reputation of ultimate productivity boosters. However, the very same technology that enables rapid production of high-quality text on demand can at the same time expose sensitive corporate data. A recent incident, in which Samsung software engineers pasted proprietary code into ChatGPT, clearly demonstrates that this tool can easily become a potential data leakage channel. This vulnerability introduces a demanding challenge for security stakeholders, since none of the existing data protection tools can ensure no sensitive data is exposed to ChatGPT. In this article we’ll explore this security challenge in detail and show how browser security solutions can provide a solution, all while enabling organizations to fully realize ChatGPT’s productivity potential without having to compromise on data security. 


Five Eye nations release new guidance on smart city cybersecurity 

New guidance, Cybersecurity Best Practices for Smart Cities, wants to raise awareness among communities and organizations implementing smart city technologies that these beneficial technologies can also have potential vulnerabilities. A collaboration among the Five Eye nations (Australia, Canada, New Zealand, the UK, and the US), it advises communities considering becoming smart cities to assess and mitigate the cybersecurity risks that come with the technology. What makes smart cities attractive to attackers is the data being collected and processed. Because AI-powered systems are being used to integrate this data, these should be given special attention when checking for vulnerabilities. 


NSO Group Used 3 Zero-Click iPhone Exploits Against Human Rights Defenders 

Israeli spyware maker NSO Group deployed at least three novel “zero-click” exploits against iPhones in 2022 to infiltrate defenses erected by Apple and deploy Pegasus, according to the latest findings from Citizen Lab. “NSO Group customers widely deployed at least three iOS 15 and iOS 16 zero-click exploit chains against civil society targets around the world,” the interdisciplinary laboratory based at the University of Toronto said. NSO Group is the manufacturer of Pegasus, a sophisticated cyber weapon that’s capable of extracting sensitive information stored in a device – e.g., messages, locations, photos, and call logs, among others — in real-time. It’s typically delivered to targeted iPhones using zero-click and/or zero-day exploits. 
