AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

#InfoSec News Nuggets – 05/24/2019

This is an article about a Google problem that most of you won't see until it is fixed. That is because Google Search is having a problem where new content is not being indexed in their search results. We first noticed this when one of our recently published stories was not showing up in Google. When taking a look at other sites, Bleeping Computer noticed that these sites' new content was not showing up in the search results as well. Old and existing content, though, was showing as expected. According to Google's Webmaster Twitter account, this is a known issue in their index and they are looking into the problem.


2 LinkedIn Allowed TLS Certificate to Expire—Again

Microsoft-owned social media giant LinkedIn has once again put user data and privacy at risk by allowing a TLS certificate to expire. Some users noticed on Tuesday that when they tried to access LinkedIn from their desktop or laptop computer they were greeted by an alert that said the connection was not secure. It turned out that the company had forgotten to renew the TLS certificate for its lnkd.in URL shortener. The company quickly took action after being notified. The new certificate is valid until May 2021. This is the second time this has happened. In November 2017, LinkedIn forgot to renew a certificate for country-specific domains, such as uk.linkedin.com and de.linkedin.com.


3 Legal Threats Make Powerful Phishing Lures

Some of the most convincing email phishing and malware attacks come disguised as nastygrams from a law firm. Such scams typically notify the recipient that he/she is being sued, and instruct them to review the attached file and respond within a few days — or else.

Legitimate-looking legal threats have a way of making some people act before they think. Don’t be like those people. Never open attachments in emails you were not expecting. When in doubt, toss it out. If you’re worried it may be legitimate, research the purported sender(s) and reach out to them over the phone if need be. And resist the urge to respond to these spammers; doing so may only serve to encourage further “mailious” correspondence.


4 Equifax just became the first company to have its outlook downgraded for a cyber attack

Moody’s has just slashed its rating outlook on Equifax, the first time cybersecurity issues have been cited as the reason for a downgrade. Moody’s lowered Equifax’s outlook from stable to negative on Wednesday, as the credit monitoring company continues to suffer from the massive 2017 breach of consumer data. “We are treating this with more significance because it is the first time that cyber has been a named factor in an outlook change,” Joe Mielenhausen, a spokesperson for Moody’s, told CNBC. “This is the first time the fallout from a breach has moved the needle enough to contribute to the change.”


5 Some Androids don’t call 911 when you tell them to call an ambulance

Somebody’s not breathing. You panic, you grab your phone, and you call for an ambulance. Or do you? Unfortunately, if you’re using an Android phone, you might not be. You could instead be calling for, say, medical transportation that isn’t authorized to respond to emergencies. As the Idaho Statesman reported recently, Android users who use voice commands may tell their smartphones to “call an ambulance” but that phrase doesn’t trigger all Androids to dial the US emergency number of 911. The newspaper didn’t specify which Android models fail to dial 911. Tell Siri, however, to call an ambulance, and the voice assistant will dial 911. That’s a relief. But when some Android phones are given that voice command, they instead pull up a list of ambulance companies. Alternatively, they may respond with a Google search that returns, say, a blog post on when it’s appropriate to call an ambulance, the Statesman reports.


6 Cruise says its AV successfully completed 1,400 unprotected left hand turns

Unprotected left hand turns are tough for robots and humans alike. The compounding variables of crossing in front of oncoming traffic make it one of the toughest maneuvers in driving. It’s one of the toughest challenges for self-driving platforms — even more so as drivers often look for non-verbal cues from other drivers as to when it’s safe to cross. Cruise, the self-driving division within General Motors, today released a video reporting it successfully completed 1,400 such turns within a 24 hour period. The test took place on the busy and hilly streets of San Francisco. Some of the examples on the video show a vehicle cautiously entering an intersection only to wait for another vehicle to pass before making the turn. Other times, the vehicle is assertive and enters the turn without delay. Only four examples are shown, though Cruise insists they have video proof of all 1,400. None of the videos show the Cruise vehicle navigating around crossing pedestrians.


7 The World Has an E-Waste Problem

As a tech-hungry nation flush with cash gets ready to upgrade to the next generation of lightning-fast 5G devices, there is a surprising environmental cost to be reckoned with: a fresh mountain of obsolete gadgets. About 6 million lb. of discarded electronics are already processed monthly at recycling giant ERI’s Fresno plant. Pallets of once beloved but now outdated devices, like smartphones with only an 8-megapixel camera or tablets with a mere 12 GB of storage, arrive here daily. Workers with hammers hack at the bulkiest devices, while others remove dangerous components like lithium-ion batteries. The scene is like a twisted Pixar movie, with doomed gadgets riding an unrelenting conveyor belt into a machine that shreds them into piles of copper, aluminum and steel.


8 Georgia Tech to offer credit monitoring after data breach affecting 1M+

Georgia Tech is taking steps to help people whose personal information may have been compromised during a data breach. Channel 2's Aaron Diamant has been following this story since it broke in April, when the college said someone gained unauthorized access to a web application, affecting nearly 1.3 million people, including "some current and former faculty, students, staff and student applicants." Georgia Tech will be sending out letters offering credit monitoring and identity theft protection.


9 Louisville Regional Airport Authority grounded by ransomware attack

The Louisville Regional Airport Authority (LRAA) had its wings clipped on Monday by a ransomware attack on its systems, reports say. According to local news sources, an LRAA spokesperson said the incident encrypted the municipal corporation’s localized files, but did not affect operations or security systems at the two airports under its purview, Louisville Muhammad Ali International Airport and Bowman Field. The LRAA, which employs roughly 200 full-time staffers, is reportedly not paying the ransom and restoring its systems with back-ups.


10 5G could mean less time to flee a deadly hurricane, heads of NASA and NOAA warn

As reported by The Washington Post and CNET, the heads of NASA and the National Oceanic and Atmospheric Administration (NOAA) warn the issue could set back the world’s weather forecasting abilities by 40 years — reducing our ability to predict the path of deadly hurricanes and the amount of time available to evacuate. It’s because one of the key wireless frequencies earmarked for speedy 5G millimeter wave networks — the 24 GHz band — happens to be very close to the frequencies used by microwave satellites to observe water vapor and detect those changes in the weather. They have the potential to interfere. And according to NASA and NOAA testimony, they could interfere to the point that it delays preparation for extreme weather events.


11 GOP, Dem Senators officially introduce loot box, “pay-to-win” legislation

Weeks ago, Senator Josh Hawley (R-Mo.) released an outline for the Protecting Children from Abusive Games Act, aimed at stopping randomized loot boxes and pay-to-win mechanics in the game industry. Today, Hawley was joined by Ed Markey (D-Mass.) and Richard Blumenthal (D-Conn.) in formally introducing that bill in the Senate, complete with an 18-page draft of its legislative text. Perhaps the most interesting portion of the bill attempts to define so-called "pay-to-win" mechanics in games. Those are defined broadly here as purchasable content that "assists a user in accomplishing an achievement within the game that can otherwise be accomplished without the purchase of such transaction" or which "permits a user to continue to access content of the game that had previously been accessible to the user but has been made inaccessible after the expiration of a timer or a number of gameplay attempts."


12 Serial publisher of Windows 0-days drops exploits for 2 more unfixed flaws

One of the two exploits published on Wednesday has now been confirmed to exploit a Windows vulnerability that Microsoft patched in this month's Update Tuesday release cycle. The flaw involving the Windows Error Reporting service was previously described as CVE-2019-0863, Gal De Leon, the researcher Microsoft credited with discovering the vulnerability, said on Twitter. Researchers with "micropatching" service 0patch have confirmed that the other exploit published on Wednesday, an IE 11 sandbox bypass, does indeed work on a fully patched Windows 10 system.


13 Cybersecurity experts warn Baltimore to stop 'playing' with ransomware attacks

Cybersecurity experts say Baltimore is playing with fire as a deadline to pay thousands of dollars in ransom to hackers holding several of the city's servers hostage has come and gone. It has been two weeks since a cyberattack crippled Baltimore's computer network. The internet thieves wanted 13 bitcoins – about $100,000 – at the beginning, but the sum has risen $10,000 per day since. The deadline for the payment – Friday – has come and gone. The city isn't saying whether it paid but several servers were still inoperable Monday. "What's frustrating with Baltimore is that it's been quite a long time since the infection," Daniel Tobok, CEO of Cytelligence, told Fox News. "If they aren't fully operational by now, why are they still playing with this?"


14 Facebook Pilots Anti-Hate Speech Moderation Team

Four million. That’s the number of pieces of content on Facebook that the platform claims it took action against for containing hate speech from January to March this year, according to its most recent transparency report. (And to put a fine point on it, that’s just the content it actually caught.) In a press briefing this afternoon, vice president of global operations Justin Osofsky teased a plan to pilot a subgroup of moderators who are specifically tasked with handling hate speech. “We’re launching a pilot program where some reviewers specialize in hate speech,” Osofsky said. “Right now most of our reviewers look at content across the spectrum. By focusing on hate speech enforcement, these reviewers will establish a deeper understanding of how it manifests, and be able to make more accurate calls.”


15 WannaCry-Infested Laptop Starts at $1.13M in Art Auction

Malware as high art? Stranger things have happened, but a Windows laptop infected with six high-profile pieces of malware (think WannaCry and BlackEnergy) is nonetheless looking to fetch more than $1 million in public art-auction bids. A project called “The Persistence of Chaos,” mounted by artist Guo O. Dong with help from the Deep Instinct security firm, consists of an old Samsung Blue Netbook from 2008, running Windows XP SP3. It features six pieces of malware that together are responsible for at least $95 billion in financial damages. In addition to WannaCry (responsible for a mass ransomware attack in 2017 that people are still shell-shocked from) and BlackEnergy (the destructive code behind the Christmas power outage in the Ukraine), the laptop has expressive infections like the Dark Tequila malware (a sophisticated credential-stealer first spotted in 2013, known for its cocktail of highly targeted and effective attack modules).


16 Mobile Chrome, Safari, and Firefox failed to show phishing warnings for more than a year

For more than a year, mobile browsers like Google Chrome, Firefox, and Safari failed to show any phishing warnings to users, according to a research paper published this week. "We identified a gaping hole in the protection of top mobile web browsers," the research team said. "Shockingly, mobile Chrome, Safari, and Firefox failed to show any blacklist warnings between mid-2017 and late 2018 despite the presence of security settings that implied blacklist protection." The issue only impacted mobile browsers that used the Google Safe Browsing link blacklisting technology.
