AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 05/18/2021

1 – Major Privacy Breach as Eufy Security Camera Owners Report Seeing Other Users’ Video Feeds

Owners of Eufy home security cameras are this morning reporting seeing live and recorded feeds show up in the Eufy app from other users’ cameras, in what appears to be a disturbing breach of privacy and a major malfunctioning of the company’s service. As with many connected domestic security cameras, Eufy cameras offer users the ability to view real-time and recorded streams of video feeds from the devices set up in and around the home. However, many Eufy owners are reporting seeing video feeds from cameras that are clearly not their own, while some users are claiming they are even able to pan and zoom strangers’ cameras. Other users have reported similar experiences in the last few hours, and the issue appears to be widespread. Some owners affected by the issue are in the United States, but others are located as far afield as New Zealand, suggesting the breach is global.

 

2 – Ransomware Going for $4K on the Cyber-Underground

In the cybercriminal underground, ransomware samples and builders are going for anywhere between $300 and $4,000, with ransomware-as-a-service rentals costing $120 to $1,900 per year. That’s according to an analysis by Kaspersky of the three main underground forums where ransomware is circulated. They found that the general economy of ransomware is well-developed and complex, with “several actors supplying services to one another.” For instance, botmasters offer access to already-compromised devices; software developers improve the malware; and initial access brokers specialize in providing network access via backdoors or security vulnerability exploits for things like Remote Desktop Protocol (RDP).

3 – What does WiFi stand for?

We use WiFi to connect to the Internet, but what is it, and what does it stand for? How does it have such a catchy name, and why do we sometimes have a weak Internet connection with a strong WiFi signal and vice versa? Read on to answer these questions and more. Many people assume that WiFi is short for “wireless fidelity” because the term “hi-fi” stands for “high fidelity.” Some members of the WiFi Alliance, the wireless industry organization that promotes wireless technologies and owns the trademark, may even have encouraged this misconception. The reality is that WiFi is a made-up marketing term that doesn’t really stand for anything. The Alliance tasked marketing company Interbrand with creating a palatable term that they could trademark because “Institute of Electrical and Electronics Engineers (IEEE) wireless communication standard 802.11 technology” doesn’t quite roll off the tongue.

 

4 – City pays $350,000 after suing “hackers” for opening Dropbox link it sent them

The city of Fullerton, California, has agreed to pay $350,000 to settle a lawsuit it brought against two bloggers it accused of hacking the city’s Dropbox account. Joshua Ferguson and David Curlee frequently made public record requests in the course of covering city government for a local blog, Friends for Fullerton’s Future. The city used Dropbox to fulfill large file requests, and in response to a June 6, 2019, request for records related to police misconduct, Ferguson and Curlee were sent a link to a Dropbox folder containing a password-protected zip file. But a city employee also sent them a link to a more general “Outbox” shared folder that contained potential records request documents that had not yet been reviewed by the city attorney. The folder wasn’t password protected or access restricted. At the time, there were 19 zip files in the outbox, five of which were not password protected.

5 – Your meal delivery kit SMS might also be dropping off malware

Scammers are spoofing popular meal delivery kit services to trick victims into giving away their details, security experts have warned. A report from Tessian found a huge surge in SMS scams impersonating meal kit delivery companies as demand for the services grew significantly during lockdown. The likes of Gousto and HelloFresh are among those used by the scammers, who according to Tessian are using a mixture of phishing and smishing SMS attacks to target victims awaiting their delivery. Tessian highlighted one phishing campaign impersonating Gousto where messages were sent out asking users to rate their delivery to enter a prize draw. However, the link within the message took them to a fake website designed to steal personal and financial information, or harvest all-important account credentials.

6 – Hacker Tools Used for Good as Exposed Amazon Cloud Storage Accounts Get Warnings

Responding to the all-too-familiar news of compromised Amazon cloud storage, security researchers have begun leaving “friendly warnings” on AWS S3 accounts with exposed data or incorrect permissions. The misconfiguration of access control on AWS storage “buckets” has been behind numerous high-profile data breaches, including Verizon, The Pentagon, Uber and FedEx. Researchers have begun taking security notification into their own hands, with security advice left behind on publicly accessible storage. These warning messages come in multiple forms from multiple sources, pointing to a plethora of interested parties performing these white hat notifications. The messages range from the simple “Please fix this before a bad guy finds it” to more complex warnings about the consequences of exposed cloud storage.
