AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 05/03/2021

1 – European Commission finds Apple’s App Store in violation of EU competition rules

Apple is currently facing several antitrust battles across the US, Europe, and Australia, for allegedly exerting monopolistic power over the App Store and using it to put competitors at a disadvantage. This has even led to the creation of a “Coalition for App Fairness” to promote freedom of choice and the idea of alternative app stores in the Apple ecosystem. Following a complaint made by Spotify in 2019 regarding Apple’s supposedly unfair licensing agreements for streaming app developers that operate in the App Store, the European Commission started an antitrust investigation into the matter. Today, it published the preliminary results, which are nothing short of bad news for Apple, which could be fined to the tune of 10 percent of its 2020 revenue, or around $27.5 billion. The Commission found the Cupertino giant is in violation of EU competition rules, at least when it comes to the music streaming market.

2 – Smishing: Why Text-Based Phishing Should Be on Every CISO’s Radar

Anyone who uses a smartphone has likely been the target of at least one smishing attack. Smishing is much like email phishing scams, but instead sends deceptive or malicious links through text messages. Like phishing, smishing tries to trick users into giving up valuable information, such as bank-login credentials, by convincing the recipient that the message has come from a trusted source. While these types of scams have been exploiting email accounts for decades, cybersecurity professionals should be especially worried about the dramatic rise in smishing attacks over the past couple of years. Even before the era of COVID-19 forced organizations to shift to remote work almost overnight, approximately 81 percent of organizations said their employees had experienced a smishing attack on their mobile devices. In 2020, after lockdowns were in place around the world, smishing attacks proliferated exponentially. One study found that between March and July 2020, these attacks increased by an alarming 29 percent.

 

3 – Researchers sound the alarm after GitHub floats stricter policies

GitHub on Thursday solicited the comments of the security research community on its new, apparently stricter policies for posting malware and proof-of-concept exploits. But the response may have been more than it bargained for. Some of the changes date back to a month ago when GitHub, which is owned by Microsoft, removed a proof-of-concept exploit for the so-called ProxyLogon vulnerabilities in Microsoft Exchange that have led to more than 100,000 server infections. There were also other incidents dating back more than a year in which GitHub repositories were found to be infected with malware and capable of being exploited in a supply chain attack. GitHub, which researchers use as a platform where they can test and experiment, said in a blog post that these updates also focus on removing ambiguity in how the platform will define terms such as “exploit,” “malware,” and “delivery” – the platform’s effort to clearly state its expectations and intentions.

4 – ‘I was terrible at crosswords so I built an AI to do them’

Matt Ginsberg is good at a lot of things – he is an AI scientist, author, playwright, magician and stunt plane pilot. But he isn’t very good at crosswords. In fact, despite writing them for the New York Times, he says that when they are published, he often cannot solve his own. So when he was sitting in a hotel ballroom losing yet again in a major US crossword competition, he decided to do something about it. “I was with 700 people who were really good at solving crossword puzzles and it annoyed me that I was so terrible, so I decided to write a computer program that would get even on my behalf,” he told the BBC. And finally he did. After 10 failed attempts, Dr Fill – as the program is known – has just won its first competition. It came first in the American Crossword Puzzle Tournament, the leading crossword competition in the US. Dr Fill was trained on a mass of data, including a giant database of crossword clues and answers scraped from the web.

 

5 – More US agencies potentially hacked, this time with Pulse Secure exploits

At least five US federal agencies may have experienced cyberattacks that targeted recently discovered security flaws that give hackers free rein over vulnerable networks, the US Cybersecurity and Infrastructure Security Agency said on Friday. The vulnerabilities in Pulse Connect Secure, a VPN that employees use to remotely connect to large networks, include one that hackers had been actively exploiting before it was known to Ivanti, the maker of the product. The flaw, which Ivanti disclosed last week, carries a severity rating of 10 out of a possible 10. The authentication bypass vulnerability allows untrusted users to remotely execute malicious code on Pulse Secure hardware, and from there, to gain control of other parts of the network where it’s installed. Security firm FireEye said in a report published on the same day as the Ivanti disclosure that hackers linked to China spent months exploiting the critical vulnerability to spy on US defense contractors and financial institutions around the world. Ivanti confirmed in a separate post that the zero-day vulnerability, tracked as CVE-2021-22893, was under active exploitation.
