AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


#InfoSec News Nuggets – 05/29/2019

One of the US’s most widely used vehicle license plate reader (LPR) companies, Perceptics, is reportedly investigating a data breach after news site The Register was sent files stolen from it last week. The company is probably best known for designing the license plate imaging systems used at the US border crossings with Mexico and Canada. According to the site, a hacker using the identity “Boris Bullet-Dodger” claimed to have compromised the company, providing a list of 34 compressed directories amounting to hundreds of gigabytes and almost 65,000 files as evidence. Some of them look like software development directories, covering file types such as .htm, .html, .txt, .doc, .asp, .tdb, .mdb, .json, .rtf, .xls, and .tif. More concerning are directories such as Platedatabase.rar and Plateworkbench.rar, and image files the site speculates could be license plate captures.


2. New Bitcoin Scam Leads to Ransomware and Info-Stealing Trojans

A series of web sites are pushing a scam promising $5-30 worth of free bitcoins a day simply by running their Bitcoin Collector program. In reality, this program does nothing but install ransomware or password-stealing Trojans onto a victim's computer. This scam was first discovered by a malware researcher going by the alias Frost who posted about it on Twitter and discussed it with BleepingComputer.com. The scam is promoted through sites that promise to earn you Ethereum by referring other people to their site. Their FAQ states that by referring 1,000 visits using your referral link you will earn 3 Ethereum, which is worth approximately $750 USD.


3. First American Financial Exposed Millions of Sensitive Documents

The website of financial services company First American Financial until recently exposed hundreds of millions of documents containing sensitive information, security blogger Brian Krebs reported on Friday. According to its Wikipedia page, First American Financial is “a leading provider of title insurance and settlement services to the real estate and mortgage industries.” Krebs learned from Ben Shoval, a real estate developer in Washington state, that a section of First American’s website, firstam.com, had been storing hundreds of millions of title insurance records without proper protection. The exposed documents contained social security numbers, bank account numbers and statements, driver’s licenses, tax and mortgage records, and wire transaction receipts.



Los Angeles-based startup Cinelytic is one of the many players in this space, promising that AI will be a wise producer. The company licenses historical data about movie performances over the years, then cross-references it with information about films’ themes and key talent, using machine learning to tease out hidden patterns in the data. Its software lets customers play fantasy football with their movie, inputting a script and a cast, then swapping one actor for another to see how this affects a film’s projected box office. Say you have a summer blockbuster in the works with Emma Watson in the lead role, says Cinelytic co-founder and CEO Tobias Queisser. You could use Cinelytic’s software to see how changing her for Jennifer Lawrence might change the film’s box office performance. “You can compare them separately, compare them in the package. Model out both scenarios with Emma Watson and Jennifer Lawrence, and see, for this particular film … which has better implications for different territories,” Queisser tells The Verge.


5. The Pentagon has its own island off New York where nobody can go that it's using to run war games for a giant cyber attack on power grid

Only a few have gone through the extensive background checks needed to access Plum Island — where a secretive branch of the US government runs exercises to prepare for all-out cyber war. The speck of land in the Long Island Sound, owned by the Department of Homeland Security, is largely deserted. The main attractions are a defunct lighthouse and a center that studies infectious animal diseases. It is also the perfect setting for the US government to stage mock cyber attacks on the power grid. Every six months, the Defense Advanced Research Projects Agency (DARPA) — part of the Pentagon — ferries over experts who work to jumpstart a dead grid, while warding off a series of cyber threats.


6. Microsoft, Facebook to help tame internet ahead of Canada's election, official says

Microsoft Corp and Facebook Inc have agreed to help boost the security of Canada’s October election by removing fake accounts and cracking down on bots, a top government official said on Monday. Last month the Liberal government of Prime Minister Justin Trudeau complained that the world’s major social media companies were not doing enough to help combat potential foreign meddling in the vote and said Ottawa might have to regulate them. Democratic Institutions Minister Karina Gould told legislators that the two companies had made commitments in a voluntary declaration on electoral integrity. “The Wild West online era cannot continue – inaction is not an option. Disinformation must not stand,” said Gould, repeating the threat to crack down on the firms if necessary. Government officials say they fear bad actors – some linked to Russia – will try to interfere in the vote.


7. DHS assessment of foreign VPN apps finds security risk real, data lacking

The risk posed by foreign-made virtual private network (VPN) applications must be accounted for — even if government device users have avoided such apps — because adversaries are interested in exploiting the software, according to a senior Department of Homeland Security official. “Open-source reporting indicates nation-state actors have demonstrated intent and capability to leverage VPN services and vulnerable users for malicious purposes,” Chris Krebs, director of DHS’s Cybersecurity and Infrastructure Security Agency (CISA), wrote in a May 22 letter to Sen. Ron Wyden, D-Ore., obtained by CyberScoop. There is no overarching U.S. policy preventing government mobile device users from downloading foreign VPN apps, according to Krebs.


8. Iranian social network scammers impersonated US political candidates

A new campaign geared towards promoting Iranian interests and spreading fake information by impersonating US political figures has been discovered by researchers. Cybersecurity firm FireEye said on Tuesday that the campaign, believed to be an "Iranian influence operation," connected a vast web of fake social media accounts and news websites to spread a Pro-Iran, anti-Trump message. "Dozens" of websites and "hundreds" of social media accounts are involved. According to FireEye's Alice Revelli and Lee Foster, accounts within the network were created between April 2018 and March 2019. These fake accounts pilfered profile images from online sources and pretended to be political figures, activists, journalists, and correspondents.


9. Apple’s former app approval chief says he’s ‘really worried’ about company’s anticompetitive behavior

The rules that govern what gets approved and what doesn’t in Apple’s App Store have always been a little mysterious. But a new Bloomberg interview with Phillip Shoemaker, a former Apple exec who oversaw the App Store’s approval process between 2009 and 2016, offers some interesting insight. It’s particularly relevant at a time when Apple faces antitrust challenges in both the US and the EU over its management of the App Store. In the interview, Shoemaker says that Apple has long feared that rival apps from companies like Google and Facebook would replace core iOS features like calling and messaging. He notes that this fear is “absolutely the reason” that the company still doesn’t let users set third-party apps as the default service for these primary functions. “That was a real thing. I mean the fear that somebody would come along, a Facebook, a Google, whomever and wipe off and remove all of our items,” says Shoemaker.


10. Pokémon GO will soon use sleep data to “reward good sleep habits”

It’ll come as part of a wider initiative by The Pokémon Company to — as CEO Tsunekazu Ishihara put it in a press conference this evening — “turn sleep into entertainment”. Niantic CEO John Hanke took the stage at the press conference for a moment, but didn’t really offer much in the way of details. Said Hanke: “Niantic pioneered a new kind of gaming by turning the whole world into a gameboard, where we can all play and explore. By creating a new way to see the world and an incentive to go outside and exercise, we hoped to encourage a healthy lifestyle and to make a positive impact on our players and on the world. We’re delighted to be working with The Pokémon Company on their efforts to encourage another part of a healthy lifestyle: getting a good night’s rest. At Niantic, we love exploring the world on foot. And that can’t happen unless we have the energy to embark on these adventures. We’re excited to find ways to reward good sleep habits in Pokémon GO as part of a healthy lifestyle. You’ll be hearing more from us on this in the future.”
