AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 06/02/2022

Wray: FBI blocked planned cyberattack on children’s hospital

The FBI thwarted a planned cyberattack on a children’s hospital in Boston that was to have been carried out by hackers sponsored by the Iranian government, FBI Director Christopher Wray said Wednesday. Wray told a Boston College cybersecurity conference that his agents learned of the planned digital attack from an unspecified intelligence partner and got Boston Children’s Hospital the information it needed last summer to block what would have been “one of the most despicable cyberattacks I’ve seen.” “And quick actions by everyone involved, especially at the hospital, protected both the network and the sick kids who depended on it,” Wray said. The FBI chief recounted that anecdote in a broader speech about ongoing cyber threats from Russia, China and Iran and the need for partnerships between the U.S. government and the private sector.


$1.5 billion in fraudulent transactions stopped by App Store in 2021

While Apple has faced a lot of scrutiny over its tight grip on the App Store, there are some benefits to how Apple handles its App Store. In a press release, Apple has stated that nearly 1.5 billion — with a “b” — fraudulent transactions on the App Store were stopped in 2021 alone. “In 2021, Apple protected customers from nearly $1.5 billion in potentially fraudulent transactions and stopped over 1.6 million risky and vulnerable apps and app updates from defrauding users.” The App Review process uses both computer automation and human manual reviews to approve apps and app updates in a process that Apple calls “multi-layered.” It’s not just about stopping the transactions but also stopping harmful apps from appearing on the App Store in the first place. Over 340,000 apps were rejected last year for privacy violations alone.


Securely Gaming Online

What makes online gaming so fun is that you can play and interact with others from anywhere in the world; often you don’t even know the people you are playing with. While the vast majority of people online are out to have fun just like you, there are those who want to cause harm. The greatest risk to online gaming is not the technology itself but the interactions you have with strangers. Be cautious of any messages that ask you to take an action, such as clicking on a link or downloading a file. Attackers will use in-game messaging or phishing emails in an attempt to fool you into taking actions that can infect your computer or steal your identity or your gaming accounts. If a message seems odd, urgent, or too good to be true, be suspicious that it may be an attack.


Discord Is the World’s Most Important Financial Messenger, and a Hotbed for Scammers

Earlier this month, Josh Fraser, the founder of the Ethereum-based platform Origin, was poking around Discord, the chat app for gamers that’s become the go-to platform for crypto projects all over the world. What he found startled him. Fraser wanted to see if he could set up an automatic script that would alert him every time users posted certain keywords in his server. He saw several private channels that he couldn’t access, but he was still able to see a lot of information about them. Despite the channels being supposedly private, he was able to see their names, their description, and the channel’s full list of members.


Disgraced OpenSea engineer arrested for insider trading

Former OpenSea product manager Nathaniel Chastain has been charged with wire fraud and money laundering in connection with an insider trading scheme. Chastain was arrested Wednesday morning in New York City and is expected to be presented in court later today. Chastain was publicly accused of insider trading in September and fired from his position at OpenSea — but today’s indictment marks the first criminal charges associated with the scheme. While employed at OpenSea, Chastain was responsible for deciding which NFT collections would be featured on OpenSea’s front page, a distinction that typically made the collections skyrocket in value. The indictment describes a pattern of 45 token purchases on 11 different occasions. In each case, Chastain purchased NFTs shortly before they featured on OpenSea’s homepage, sometimes only a matter of minutes before. According to prosecutors, Chastain sold the tokens for “between two and five times his purchase price.”


ExpressVPN moves servers out of India to escape customer data retention law

Virtual private network operator ExpressVPN will pull its servers from India, citing the impossibility of complying with the nation’s incoming requirement to record users’ identities and activities. ExpressVPN offers software that routes traffic through servers that load their operating systems entirely into RAM and therefore leave no trace of users’ activities on persistent media. The outfit suggests that’s a point of difference to other VPN providers. But that design is a problem given India’s recently introduced requirement that VPN providers verify customers’ identity, retain their contact details, and store five years’ worth of data describing their “ownership pattern”. In a blog post, ExpressVPN states its all-RAM design makes compliance with India’s rules impossible because it doesn’t store any logs of users’ activities. The company also dislikes India’s rules, which it has described as “incompatible with the purpose of VPNs.”
