AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 05/20/2022

Texas social media law will cause “chaos” online, Supreme Court is told

More than two dozen groups have urged the US Supreme Court to block a Texas law that prohibits large social media companies from moderating content based on a user’s “viewpoint.” The Texas law, HB20, “results in blatant violations of the First Amendment rights of platform providers,” said a Supreme Court brief filed yesterday. The law taking effect means that “chaos will ensue online with disastrous and irreparable consequences,” the brief said, continuing: With platforms unable to effectively moderate scammers, messages preying on vulnerable populations, including the elderly, will proliferate online. The uptick of this content will predictably result in yet more people being tricked into sending money to scammers or disclosing financial information, leading to identity theft and financial ruin. Platforms will be powerless to regulate speech praising terrorists and those who engage in murderous campaigns, with horrendous potential ramifications if even a single person engages in copycat activity. And they may be precluded from protecting children from age-inappropriate content, including reprehensible messages encouraging our youth to engage in self-destructive activities.


Twitter deal leaves Elon Musk with no easy way out

Since the financial crisis, corporate lawyers have aspired to build the ultimate ironclad merger contract that keeps buyers with cold feet from backing out. The “bulletproof” modern deal agreement now faces one of its biggest tests, as Elon Musk, the Tesla boss and richest person in the world, openly entertains the possibility of ditching his $44 billion deal for Twitter. Musk said in a tweet this week that the “deal cannot move forward” until the social media platform provides detailed data about fake accounts, a request that Twitter seems unlikely to meet. Twitter’s board, meanwhile, has stated its commitment “to completing the transaction on the agreed price and terms as promptly as practicable.” Simply abandoning the deal is not an option. Musk and Twitter have both signed the merger agreement, which states that “the parties… will use their respective reasonable best efforts to consummate and make effective the transactions contemplated by this agreement.”


Conti ransomware shuts down operation, rebrands into smaller units

The notorious Conti ransomware gang has officially shut down their operation, with infrastructure taken offline and team leaders told that the brand is no more. This news comes from Advanced Intel’s Yelisey Boguslavskiy, who tweeted this afternoon that the gang’s internal infrastructure was turned off. While public-facing ‘Conti News’ data leak and the ransom negotiation sites are still online, Boguslavskiy told BleepingComputer that the Tor admin panels used by members to perform negotiations and publish “news” on their data leak site are now offline. In addition, BleepingComputer was told that other internal services, such as their rocket chat servers, are being decommissioned.


Department of Justice Announces New Policy for Charging Cases under the Computer Fraud and Abuse Act

The policy for the first time directs that good-faith security research should not be charged. Good faith security research means accessing a computer solely for purposes of good-faith testing, investigation, and/or correction of a security flaw or vulnerability, where such activity is carried out in a manner designed to avoid any harm to individuals or the public, and where the information derived from the activity is used primarily to promote the security or safety of the class of devices, machines, or online services to which the accessed computer belongs, or those who use such devices, machines, or online services. “Computer security research is a key driver of improved cybersecurity,” said Deputy Attorney General Lisa O. Monaco. “The department has never been interested in prosecuting good-faith computer security research as a crime, and today’s announcement promotes cybersecurity by providing clarity for good-faith security researchers who root out vulnerabilities for the common good.”


FTC to Crack Down on Companies that Illegally Surveil Children Learning Online

The Federal Trade Commission announced today that it will crack down on education technology companies if they illegally surveil children when they go online to learn. In a new policy statement adopted today, the Commission made it clear that it is against the law for companies to force parents and schools to surrender their children’s privacy rights in order to do schoolwork online or attend class remotely. Under the Children’s Online Privacy Protection Act, companies cannot deny children access to educational technologies when their parents or school refuse to sign up for commercial surveillance. “Students must be able to do their schoolwork without surveillance by companies looking to harvest their data to pad their bottom line,” said Samuel Levine, Director of the FTC’s Bureau of Consumer Protection. “Parents should not have to choose between their children’s privacy and their participation in the digital classroom. The FTC will be closely monitoring this market to ensure that parents are not being forced to surrender to surveillance for their kids’ technology to turn on.”


Two Military Satellites Just Communicated With Each Other Using Space Lasers

Two satellites recently exchanged more than 200 gigabits of data over a distance of about 60 miles (100 kilometers) using laser communication in space. The achievement sets the stage for yet another satellite constellation. Satellites generally don’t communicate directly with each other. Instead, they use radio signals to transfer data down to a ground station on Earth, which then relays this data to another satellite. Optical terminals between satellites are considered to be faster and more secure. CACI International—the company that developed the optical terminals for the space lasers—announced the achievement on Tuesday in a press release. The two satellites, named Able and Baker, were launched last summer by the U.S. Defense Advanced Research Projects Agency as part of its Blackjack project. DARPA is seeking to build a constellation of small satellites in low Earth orbit for the purpose of supporting military operations.


Spanish police dismantle phishing gang that emptied bank accounts

The Spanish police have announced the arrest of 13 people and the launch of investigations on another seven for their participation in a phishing ring that stole online bank credentials. The threat actors used phishing lures to trick their victims into believing they received an alert from their bank and proceeded to steal their account credentials. Having access to banking accounts, the adversaries used their victims’ money to make online purchases, direct transfers to “money mule” accounts, or request personal loans. The police say the threat actors stole at least 443,600 Euros ($466,000) from approximately 146 victims as part of these phishing attacks.
