AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 06/08/2021

US truck and military vehicle maker Navistar discloses data breach

Navistar International Corporation (Navistar), a US-based maker of trucks and military vehicles, says that unknown attackers have stolen data from its network following a cybersecurity incident discovered on May 20, 2021. The company disclosed the attack in an 8-K report filed with the Securities and Exchange Commission (SEC) on Monday. Navistar says that its operations haven’t been affected despite the security breach as its IT systems are fully operational. The company also took a series of measures designed to mitigate the potential impact of the May security breach. “Upon learning of the cybersecurity threat, the Company launched an investigation and undertook immediate action in accordance with its cybersecurity response plan, including employing containment protocols to mitigate the impact of the potential threat, engaging internal and third-party information technology security and forensics experts to assess any impact on the Company’s IT System, and utilizing additional security measures to help safeguard the integrity of its IT System’s infrastructure and data contained therein,” Navistar said.


Police raids around world after investigators crack An0m cryptophone app in major hacking operation

Drug dealers and other criminal groups in the UK, Europe, Canada, Australia, New Zealand and the US were sending messages on an encrypted communications network, unaware that it was being run by the FBI. The network, known as An0m, offered encrypted Android phones and an encrypted computer platform that claimed to offer its users secure communications. The FBI created An0m as a closed encrypted platform to target organised crime, drug trafficking and money laundering. An0m had 9,000 users worldwide. Users were unaware that the FBI had been harvesting their private communications for 18 months. The platform is the latest in a string of encrypted communications networks, known as criminally dedicated secure communications (CDSC) networks, to be breached by law enforcement.


Investors call for ethical approach to facial recognition technology

A group of 50 investors managing more than $4.5 trillion in assets is calling on companies involved in the development and use of facial recognition technology, such as Amazon and Facebook, to do so in an ethical way. The investor group, which is led by asset manager Candriam, a European division of U.S. financial services company New York Life, said in a statement the technology could infringe on an individual’s privacy rights, given the lack of consent of those being identified, and that there is often no official oversight. The initiative shows how fund managers are increasingly taking up policy issues that were once considered fringe subjects for shareholders as retail investors pour billions of dollars into funds focused on ethical and sustainability criteria.


Google, Facebook, Chaos Computer Club join forces to oppose German state spyware

Plans by the German government to allow the police to deploy malware on any target’s devices, and force the tech world to help them, have run into some opposition, funnily enough. In an open letter this month, the Chaos Computer Club – along with Google, Facebook, and others – said they are against proposals to dramatically expand the use of so-called state trojans, aka government-made spyware, in Germany. Under planned legislation, even people not suspected of committing a crime can be infected, and service providers will be forced to help. Plus all German spy agencies will be allowed to infiltrate people’s electronics and communications. The proposals bypass the whole issue of backdooring or weakening encryption that American politicians seem fixated on. Once you have root access on a person’s computer or handheld, the device can be an open book, encryption or not.


After DOJ arrest of Latvian Trickbot coder, experts highlight public-private efforts to tackle cybercrime

On Friday, the Justice Department announced that it arrested 55-year-old Latvian national Alla Witte, charging her with playing a role in “a transnational cybercrime organization” that was behind “Trickbot,” one of the most well-known and widely used banking trojans and ransomware tools. Witte is now facing 19 different charges ranging from computer fraud to aggravated identity theft for the part she played in the Trickbot group, which helped disseminate the malware from Russia, Belarus, Ukraine, and Suriname. The group was made up of people who were also involved in the Dyre ransomware, according to the indictment. Deputy Attorney General Lisa Monaco, who heads up the new Ransomware and Digital Extortion Task Force, said in a statement that Trickbot was used to infect millions of computers, harvest banking credentials and deliver ransomware to organizations across the US, Europe and India.


US recovers part of multimillion-dollar ransom paid to Colonial Pipeline hackers

The US Department of Justice said Monday that it’s recovered millions of dollars in cryptocurrency that was part of a ransom paid to hackers who attacked Colonial Pipeline and prompted the shutdown last month of the East Coast’s main fuel-supply artery. The DOJ said it seized 63.7 bitcoins valued at about $2.3 million that was part of the ransom demanded by a group known as DarkSide, which is thought to be based in Russia. The pipeline operator had paid hackers $4.4 million in cryptocurrency because executives weren’t sure how bad the breach was or how long it would take to restore operations, Joseph Blount, CEO of Colonial Pipeline, told The Wall Street Journal. In a statement about the seizure, US Deputy Attorney General Lisa Monaco said it could help deter future attacks. “Ransom payments are the fuel that propels the digital extortion engine, and today’s announcement demonstrates that the United States will use all available tools to make these attacks more costly and less profitable for criminal enterprises.”
