AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 06/19/2023

SMS delivery reports can be used to infer recipient’s location 

A team of university researchers has devised a new side-channel attack named ‘Freaky Leaky SMS,’ which relies on the timing of SMS delivery reports to deduce a recipient’s location. SMS delivery reports are handled by the SMSC (short message service center) of the mobile network and indicate when a message has been delivered, accepted, failed, is undeliverable, has expired, or has been rejected. While there are routing, network node propagation, and processing delays in this process, mobile networks’ fixed nature and specific physical characteristics result in predictable times when standard signal pathways are followed.

 

Kim Dotcom is ‘not giving an inch’ after sentencing of two Megaupload execs 

I didn’t expect to write about Megaupload in 2023, but here we are — former Megaupload officers Mathias Ortmann and Bram van der Kolk have been sentenced to more than two years in prison over their roles in the company, Associated Press reported on Thursday. The two men have been granted delayed sentences owing to the impending birth of Ortmann’s child and van der Kolk’s ill mother. Dotcom tweeted about the convictions on Thursday, saying the two men got off easy with light sentences because they are pinning the blame on him, adding that they “will make terrible witnesses for the US Govt.”

 

Meta is rolling back its covid-19 misinformation rules in the US 

Meta is rolling back its covid misinformation rules in countries like the US, where the pandemic’s national emergency status has been rescinded, as recommended by its independent oversight board in April of this year, The Washington Post reported Friday morning (via Engadget). In an update to the July announcement that it asked the Meta Oversight Board to investigate the safety of doing so, Meta cited the end of the World Health Organization’s global public health emergency declaration as the reason for the change.

 

Microsoft says early June disruptions to Outlook, cloud platform, were cyberattacks 

In early June, sporadic but serious service disruptions plagued Microsoft’s flagship office suite—including the Outlook email and OneDrive file-sharing apps—and cloud computing platform. A shadowy hacktivist group claimed responsibility, saying it flooded the sites with junk traffic in distributed denial-of-service attacks. Initially reticent to name the cause, Microsoft has now disclosed that DDoS attacks by the murky upstart were indeed to blame. 

 

Microsoft identifies new hacking group controlled by Russian intelligence 

A hacking group that has carried out attacks targeting organizations in Europe, Latin America and Central Asia has been linked to Russia’s military intelligence agency, according to new research. Microsoft said Wednesday that the group, which it calls Cadet Blizzard, played a significant role at the beginning of Russia’s cyberwar against Ukraine. About a month prior to the invasion, the group deployed WhisperGate malware, which targeted numerous Ukrainian government computers and websites, while Russian tanks and troops were surrounding the Ukrainian borders waiting to start the offensive.

 

EU officials pass draft law to regulate AI and ban facial recognition systems 

Lawmakers from the European Union have taken a big step towards regulating the use of artificial intelligence systems in the region by passing a draft law known as the AI Act. As The New York Times notes, it’s merely one part of a longer process, and the soonest we can see the final version of the law is most likely later this year. But if the law gets enforced in its current form, then the European Union will be banning the use of real-time and remote biometric systems, such as facial recognition scanning. It will also prohibit devices that exhibit cognitive behavioral manipulation, such as voice-activated toys deemed to encourage dangerous behavior in children. Technologies that classify people based on their socio-economic status or personal characteristics will be banned as well. Meanwhile, technologies considered “high risk” will need to be registered in an EU database. These include AI systems for biometric identification and those for use by law enforcement.

 

Reddit hackers threaten to leak data stolen in February breach 

The BlackCat (ALPHV) ransomware gang is behind a February cyberattack on Reddit, where the threat actors claim to have stolen 80GB of data from the company. On February 9th, Reddit disclosed that its systems were hacked on February 5th after an employee fell victim to a phishing attack. This phishing attack allowed the threat actors to gain access to Reddit’s systems and steal internal documents, source code, employee data, and limited data about the company’s advertisers. 
