AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 06/01/2022

Ed tech wrongfully tracked school children during pandemic

Globally, students who were required to use government-endorsed education technology (ed tech) during the COVID-19 pandemic had their contact, keystroke, and location data collected and sold to ad tech companies, according to the Human Rights Watch (HRW). A total of 146 of 164 government-endorsed ed tech products endangered the privacy of children, with 199 third-party companies receiving personal data, the HRW said. Further, only 35 endorsed vendors disclosed that user data would be collected for behavioural advertising, whilst a total of 23 products were developed with children as primary users in mind.


Beware the Smish! Home delivery scams with a professional feel…

Home delivery scams, where the crooks falsely apologise to you for not delivering your latest parcel, have been around for years. However, as we have unfortunately needed to say many times on Naked Security, these scams seem to have become steadily more professional-looking during the pandemic, as more and more people have got into the habit of ordering deliveries for everyday shopping instead of heading into stores. For example, here’s a contemporary SMS-based scam (phishing that is kicked off by a text message, or SMS, is wryly known as smishing) that makes a good “picture story” of how these cybercrimes unfold. In this criminal campaign, the scammers were targeting a home delivery company in the UK called Evri.


Shanghai lockdowns to ease, but tech supply chain woes will likely continue

China’s commercial capital, Shanghai, will this week ease pandemic restrictions that have hampered production at key suppliers of US tech giants. The city’s municipal government announced that residents in areas deemed low risk will be free to move within the city, use public transport and drive on roads from midnight on June 1. Tesla, Apple and Cisco are among US firms that have been caught out by China’s COVID-19 restrictions under its controversial zero-COVID policy. In April, Tesla shut down production at its Shanghai Gigafactory to comply with city restrictions, which commenced for some areas in March and became a city-wide lockdown in April as infections rose.


Chinese Threat Actors Exploiting ‘Follina’ Vulnerability

The existence of the flaw, which can be exploited for remote code execution, came to light on May 27, when a malicious document exploiting it was spotted in the wild. The vulnerability was dubbed Follina by researcher Kevin Beaumont, one of the first members of the cybersecurity community to analyze the exploit. The security hole is related to the Microsoft Support Diagnostic Tool (MSDT), with the exploit being triggered when the targeted user opens a specially crafted document. While a patch has yet to be released, Microsoft noted that Protected View, a feature designed to block these types of attacks, should protect users. However, researchers determined that if the attacker delivers the exploit as an RTF file, the exploit is triggered when a preview of the file is viewed in Explorer, and Protected View does not step into action.


Costa Rica May Be Pawn in Conti Ransomware Group’s Bid to Rebrand, Evade Sanctions

Costa Rica’s national health service was hacked sometime earlier this morning by a Russian ransomware group known as Hive. The intrusion comes just weeks after Costa Rican President Rodrigo Chaves declared a state of emergency in response to a data ransom attack from a different Russian ransomware gang — Conti. Ransomware experts say there is good reason to believe the same cybercriminals are behind both attacks, and that Hive has been helping Conti rebrand and evade international sanctions targeting extortion payouts to cybercriminals operating in Russia. The Costa Rican publication CRprensa.com reports that affected systems at the Costa Rican Social Security Fund (CCSS) were taken offline on the morning of May 31, but that the extent of the breach was still unclear. The CCSS is responsible for Costa Rica’s public health sector, and worker and employer contributions are mandated by law.


The Race to Hide Your Voice

Your voice reveals more about you than you realize. To the human ear, your voice can instantly give away your mood, for example—it’s easy to tell if you’re excited or upset. But machines can learn a lot more: inferring your age, gender, ethnicity, socio-economic status, health conditions, and beyond. Researchers have even been able to generate images of faces based on the information contained in individuals’ voice data. As machines become better at understanding you through your voice, companies are cashing in. Voice recognition systems—from Siri and Alexa to those using your voice as your password—have proliferated in recent years as artificial intelligence and machine learning have unlocked the ability to understand not just what you are saying but who you are. Big Voice may be a $20 billion industry within a few years. And as the market grows, privacy-focused researchers are increasingly searching for ways to protect people from having their voice data used against them.
