AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 04/28/2021

1 – Reverb discloses data breach exposing musicians’ personal info

Popular musical instrument marketplace Reverb has suffered a data breach after an unsecured database containing customer information was exposed online. Reverb is the largest online marketplace devoted to selling new, used, and vintage musical instruments and equipment. Today, Reverb customers began receiving data breach notifications stating that customer information was exposed, including customers’ names, addresses, phone numbers, and email addresses. While Reverb’s notification does not explain how they exposed the data, security researcher Bob Diachenko sheds some light on what happened.


2 – Don’t Forget: A Checklist for Offboarding Remote Employees Securely

We all know about the threat of threat actors trying to access our corporate data.  But with the rise of remote work, keeping an eye on employees during offboarding is an important area to watch, as well. In many cases, employees can still access sensitive data well after they leave the job. This is even more noticeable when they logged in to corporate networks or tools every day while working at home. To prevent these insider threats, a thorough offboarding process is critical. You’re probably familiar with best practices for digital basics like passwords and general data protection. But sometimes, the most insidious issues arise from those processes we tend to forget about or for which we find ourselves unprepared. These risks can come from either employees in the office or remote workers.


3 – Hackers attack 70 times per minute: what happens when a computer is left unsecured on the internet

Every device connected to the internet has a unique IP address. Those IP addresses are public, and they allow computers to find and communicate with each other via the Internet Protocol. Normally, we want to allow legitimate parties to connect to our IP addresses, and keep out adversaries by using firewalls, authentication, and access control. But what if we didn’t take any of those precautions? How long would it take for malicious hackers to find and attack your device? What methods would they use? What do they seek? And where do they come from? Comparitech researchers sought to find the answers to these questions by setting up honeypots—dummy computers designed to lure in attackers so we can record their every step. Researchers set up honeypot devices emulating a range of internet-accessible services and supporting a wide range of protocols including RDP, SSH, MySQL, VNC, and more. The honeypots were left unsecured so that no authentication was required to access and attack it. Using this method, Comparitech researchers sought to find out which types of attacks would occur, at what frequency, and where they come from.


4 – 11-13 year old girls most likely to be targeted by online predators

The Internet Watch Foundation (IWF), a not-for-profit organization in England whose mission is “to eliminate child sexual abuse imagery online”, has recently released its analysis of online predator victimology and the nature of sexual abuse media that is currently prevalent online. The scope of the report covered the whole of 2020. The IWF assessed nearly 300,000 reports in 2020, wherein a little more than half of these—153,383—were confirmed pages containing material depicting child sexual abuse. Compared to their 2019 numbers, there was a 16 percent increase of pages hosting such imagery or being used to share. From these confirmed reports, the IWF were able to establish the following trends: The majority of child victims are female. There has been an increase in the number of female child victims since 2019. In 2020, the IWF has noted that 93 percent of the child sexual abuse material (CSAM) they assessed involved at least one (1) female child. That’s a 15 percent increase compared to numbers in 2019.


5 – Lawyer Asks For New Trial After Cellebrite Vulnerability Discovery

A defense attorney has asked a judge to grant their client a new trial after Moxie Marlinspike, the founder of popular encrypted messaging app Signal, found security issues with mobile phone forensics hardware made by Cellebrite. The case heavily used evidence collected by a Cellebrite device, according to the motion for a new trial obtained by Motherboard. The news signifies continued fallout from Marlinspike’s disclosure, although it is unclear how successful of a legal strategy discussing the vulnerability will be. “This Honorable Court should vacate said guilty find and order a new trial for the reasons contained in the instant motion,” the motion for a new trial, written by Ramon Rozas III, Esq., from law firm Rozas Law Office, reads. Rozas shared a copy of the motion with Motherboard.

Related Posts