AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 06/15/2022

Top cyber official says transformation needed in cyberspace

National Cyber Director Chris Inglis said Monday that the administration and federal agencies should prioritize transforming the way they approach and invest in cybersecurity, as previous efforts have “not worked.” Ingles was speaking at cyber summit hosted by the Information Technology Industry Council on ways the public and private sector can combat cyber threats. “I think that everything else that we have tried, as nobly intended, has not worked,” Inglis said. “And so in order for us to then change the nature of the game, I think that we have to crowdsource the adversaries the way they’ve crowdsourced us,” he added.

 

Your Netflix May Have Been Hacked. Here’s How to Tell

Those precious dollars you pour into your Netflix subscription each month shouldn’t be taken for granted. If your account is hacked and some freeloader is watching the biggest shows in streaming on your account, it feels like a double slap in the face. Ouch. You could be fine with sharing your password with family and friends, but beware suspicious activity you don’t recognize. If you’ve noticed something amiss with your streaming service account, here’s what you should do. Moochers, look out.  Most of us pay attention to the look of our Netflix home screen and the profiles that sit on one account. Up to five are allowed, but if you only have one or two and additional ones pop up, then that’s your first clue that someone has infiltrated your account.

 

A new vulnerability in Intel and AMD CPUs lets hackers steal encryption keys

Microprocessors from Intel, AMD, and other companies contain a newly discovered weakness that remote attackers can exploit to obtain cryptographic keys and other secret data traveling through the hardware, researchers said on Tuesday. Hardware manufacturers have long known that hackers can extract secret cryptographic data from a chip by measuring the power it consumes while processing those values. Fortunately, the means for exploiting power-analysis attacks against microprocessors is limited because the threat actor has few viable ways to remotely measure power consumption while processing the secret material. Now, a team of researchers has figured out how to turn power-analysis attacks into a different class of side-channel exploit that’s considerably less demanding.

 

Man gets two years in prison for selling 200,000 DDoS hits

A 33-year-old Illinois man has been sentenced to two years in prison for running websites that paying customers used to launch more than 200,000 distributed denial-of-services (DDoS) attacks. A US California Central District jury found the Prairie State’s Matthew Gatrel guilty of one count each of conspiracy to commit wire fraud, unauthorized impairment of a protected computer and conspiracy to commit unauthorized impairment of a protected computer. He was initially charged in 2018 after the Feds shut down 15 websites offering DDoS for hire.

 

Firefox rolls out Total Cookie Protection by default to all users worldwide

Starting today, Firefox is rolling out Total Cookie Protection by default to all Firefox users worldwide, making Firefox the most private and secure major browser available across Windows, Mac and Linux. Total Cookie Protection is Firefox’s strongest privacy protection to date, confining cookies to the site where they were created, thus preventing tracking companies from using these cookies to track your browsing from site to site. Whether it’s applying for a student loan, seeking treatment or advice through a health site, or browsing an online dating app, massive amounts of your personal information is online — and this data is leaking all over the web. The hyper-specific-to-you ads you so often see online are made possible by cookies that are used to track your behavior across sites and build an extremely sophisticated profile of who you are.

 

Farewell, Internet Explorer: The old Microsoft browser retires at 27

Internet Explorer is finally headed out to pasture. As of Wednesday, Microsoft will no longer support the once-dominant browser that legions of web surfers loved to hate — and a few still claim to adore. The 27-year-old application now joins BlackBerry phones, dial-up modems and Palm Pilots in the dustbin of tech history. Internet Explorer’s demise was not a surprise. A year ago, Microsoft said that it was putting an end to IE on June 15, 2022, pushing users to its Edge browser, which was launched in 2015. The company made clear then it was time to move on. “Not only is Microsoft Edge a faster, more secure and more modern browsing experience than Internet Explorer, but it is also able to address a key concern: compatibility for older, legacy websites and applications,” Sean Lyndersay, general manager of Microsoft Edge Enterprise, wrote in a May 2021 blog post.

Related Posts