AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 05/28/2021

1 – NASA Identified Over 6,000 Cyber Incidents in Past 4 Years

The U.S. National Aeronautics and Space Administration (NASA) identified more than 6,000 cyber-related incidents in the last four years, according to a report published this month by NASA’s Office of Inspector General. NASA has institutional systems, which are used for the day-to-day work of employees — these include data centers, web services, computers and networks. It also has mission systems, which support its aeronautics, space exploration and science programs — these include systems used for controlling spacecraft and processing scientific data. The agency has more than 4,400 applications, over 15,000 mobile devices, roughly 13,000 software licenses, nearly 50,000 computers, and a whopping 39,000 Tb of data. The audit conducted by NASA’s inspector general has revealed that while attacks on the agency’s networks are not uncommon, “attempts to steal critical information are increasing in both complexity and severity,” and the agency’s ability to detect, prevent and mitigate attacks is limited.


2 – Facebook Adapts Defenses as Deception Campaigns Go Stealth

Facebook said Wednesday that it has disrupted more than 150 deceptive influence schemes since 2017, with Russia the biggest single source, as culprits strive to stay “under the radar.” The number of coordinated inauthentic behavior (CIB) campaigns derailed at the leading social network ramped up each year since a Russia-linked operation to sway the outcome of the 2016 US presidential election put Facebook on the defensive. While those behind influence operations (IO) went unchecked on the playing field in 2016, Facebook has invested in hiring, automated systems, and industry alliances over the ensuing years. “These efforts have pressed threat actors to shift their tactics,” Facebook head of security policy Nathaniel Gleicher said during a briefing on the report. “They have – often without success – moved away from the major platforms and increased their operational security to stay under the radar.”


3 – SolarWinds hackers are at it again, targeting 150 organizations, Microsoft warns

The Russian-based group behind the SolarWinds hack has launched a new campaign that appears to target government agencies, think tanks and non-governmental organizations, Microsoft said Thursday. Nobelium launched the current attacks after getting access to an email marketing service used by the United States Agency for International Development, or USAID, according to Microsoft. “These attacks appear to be a continuation of multiple efforts by Nobelium to target government agencies involved in foreign policy as part of intelligence gathering efforts,” Tom Burt, Microsoft vice president of customer security and trust, wrote in a blog post.


4 – Hacktivist Posts Massive Scrape of Crime App Citizen to Dark Web

A hacktivist has scraped a wealth of data from the crime and neighborhood watch app Citizen and posted it on a dark web site, Motherboard has learned. The data includes a huge amount of data related to 1.7 million “incidents”—events that Citizen informs users about concerning crime or perceived crime in their area—such as the GPS coordinates of where the incident took place, its update history, a clip of the police radio that the incident relates to, and associated images. Much of this information would ordinarily be available to users as part of the normal functioning of the Citizen app. But with the hacker scraping it en masse and releasing it as a series of files to download, the data is qualitatively different from what the Citizen app offers, and allows journalists and researchers to gain greater insight into the use and spread of the app around the country. The scrape is somewhat similar to other recent mass collections and redistributions of public information, such as the Parler scrape that occurred after the January 6 insurrection at the U.S. Capitol.


5 – What is encryption? And why it matters in a VPN

Encryption is a term used to describe the methods that hide the true meaning of messages using code, especially to prevent unauthorized access to the information in the messages. Not all users of virtual private networks (VPN) care about encryption, but many are interested and benefit from strong end-to-end encryption. So let’s have a look at the different types of encryption and what makes them tick. We have discussed the different types of VPN protocols elsewhere, and pointed out that a big factor in many of the important properties of a VPN is the type and strength of encryption. To accomplish end-to-end encryption, a process called VPN tunneling is needed.


6 – Twitter’s live audio Spaces arrive on the web

Twitter has been building out Spaces, the live audio feature it launched in December, as a means of expanding beyond tweets with an eye to monetization. With Spaces already available on iOS and Android, it was clear where the Clubhouse-style talk rooms would be headed next. Today, the feature is landing on Twitter’s desktop and mobile website. As for how it will work on the web, Twitter revealed that you’ll be able to preview a Space in a pop-up window before joining, where you’ll be able to see a description and some or all of the participants based on the size of the room. Upon entering a Space, you’ll also be able to continue browsing while it appears as a minimized window on the right-hand side, otherwise home to the trending and topics previews. The same pop-up will also display transcriptions for deaf and hard of hearing users — and others who may want to follow a conversation with the sound off.
