AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 06/27/2023

The tech flaw that lets hackers control surveillance cameras

In a darkened studio inside the BBC’s Broadcasting House in London, a man sits at his laptop and enters his password. Thousands of miles away, a hacker is watching everything he types.

Next, the BBC employee picks up his mobile phone and enters the passcode. The hacker now has that, too. A security flaw in the surveillance camera on the ceiling – manufactured by the Chinese firm Hikvision – means it’s now vulnerable to attack. “I own that device now – I can do whatever I want with that,” says the hacker. “I can disable it… or I can use it to watch what’s going on at the BBC.”


EU sanctions Russian cybersecurity firms

The European Union has issued its 11th package of sanctions against Russia for its invasion of Ukraine. Issued last Friday, the sanctions list was expanded with 71 individuals and 33 entities, including five Russian cybersecurity and IT companies such as Positive Technologies, NTC Vulcan, Echelon, Iteranet, and Poisk-IT. EU officials say the companies provide IT services to support the activity of Russian intelligence services, such as developing hacking tools and data collection and analysis.


Third-party breach hits American Airlines, Southwest Airlines

BleepingComputer reports that major airline carriers American Airlines and Southwest Airlines had information from nearly 9,000 pilot applicants stolen following a cyberattack against third-party pilot application and recruitment portal manager Pilot Credentials. Attackers were able to compromise Pilot Credentials’ systems on April 30, resulting in the exfiltration of documents with pilot and cadet applicant information, while both airlines were informed regarding the incident on May 3.


iOS 17: Eight Privacy and Security Improvements Coming in Apple’s Next Update

The iOS 17 and iPadOS 17 updates include a number of privacy and security improvements that make your devices safer than ever, with Apple restricting access to photos and calendar events and cutting down further on how websites track you across the web. In Safari, Private browsing windows are now locked and require secondary authentication to unlock and access. If you hand your phone over to someone and they attempt to open your Safari private browsing tab, access will be denied without a Face ID/Touch ID scan or a passcode.


Dangerous Android trojan targets 600 banking apps — and it’s draining accounts

Android smartphone owners are once again under attack from the dangerous Anatsa banking trojan which has been updated with new capabilities and can now target even more banking apps. As reported by BleepingComputer, this new mobile malware campaign has been active since March of this year and so far, banking customers in the U.S., U.K., Germany, Austria and Switzerland have been targeted by Anatsa. Just like during a previous Anatsa campaign from back in November 2021 which saw the malware downloaded over 300,000 times, the hackers behind this new campaign are using malicious apps hosted on the Google Play Store to infect vulnerable Android smartphones.


Twitter Celeb Account Hacker Heads to Jail for 5 Years

A main conspirator in the infamous 2020 celebrity Twitter account takeovers is off to jail for five years. In a win for the good guys in law enforcement, Joseph James O’Connor (aka PlugwalkJoe), a UK citizen from Liverpool, was sentenced to five years in federal prison for his role in the July 2020 hack of Twitter, and other computer intrusions.


T-Mobile ditches AutoPay discount for Apple Pay despite history of security woes

T-Mobile’s long-feared and unpopular change to AutoPay is set to officially go into effect next month. Starting on July 25, T-Mobile will no longer accept credit cards, Apple Pay, or Google Pay for AutoPay. This means that if you want to secure the $5 per line discount for using AutoPay, you’ll have to update your payment method to use either a bank account transfer or a debit card. This change has been in the works at T-Mobile for months and is finally going into effect on July 25. T-Mobile’s reasoning is: It pays higher processing fees on credit card transactions, so it saves a few bucks on each transaction by limiting AutoPay to debit and bank payments only. But that doesn’t mean T-Mobile users aren’t upset about the change, and rightfully so.


LastPass 2FA reset prompts are locking users out of accounts

LastPass’s attempts to clean up after security breaches isn’t going so well. At least, not for users. Some customers are getting locked out of their accounts after following LastPass’s prompt to resync their two-factor authentication—and they’re rightfully angry. Multiple users in LastPass’s forums have stated they can’t login after resetting their 2FA secret—and until June 26, they also had no way of contacting support. Premium users had to log into the site to submit a support ticket, and free users simply lacked access to “personal” one-on-one support. Neither group could get help.

Related Posts