AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets – 07/04/2019

US Cyber Command has issued a warning about an unnamed foreign country’s attempt to spread malware through the exploitation of a vulnerability in Microsoft Outlook. The alert, posted on Twitter, refers to CVE-2017-11774, a vulnerability in Outlook that if exploited could allow an attacker to bypass security features and execute arbitrary commands on targeted Windows computers. Microsoft issued a patch for the vulnerability in October 2017, but the security hole has since continued to be used by the Iranian-backed APT33 (also known as Elfin) hacking group. Clearly US Cyber Command is concerned that some at-risk organisations have still not applied Microsoft’s patch from 2017, which removes the legacy ‘home page’ feature of Outlook that was vulnerable to attack.

 

2 BlackBerry Helping Modernize Technology Infrastructure for Canada’s Indigenous People

Last week at the Indigenous Technology Summit, BlackBerry announced it is helping Indigenous communities across Canada deploy new technologies with a view to improving their overall well-being from a health, education, safety and economic development standpoint. Working collaboratively with Forrest Green and Microsoft, the companies will bring a comprehensive mix of next-generation secure communication, cybersecurity, cloud, artificial intelligence (AI) and machine learning (ML) technologies to Chiefs and Grand Chiefs across Canada – providing them with valuable tools for making better, data-driven decisions. The three parties will also enable residents to take part in skills-based education programs, so they are well-positioned to participate in the digital economy. “This is nation-building in action,” commented Joseph Norton, Grand Chief, Mohawk Council of Kahnawá:ke.

 

3 Public Certificate Poisoning Can Break Some OpenPGP Implementations

OpenPGP installations can grind to a halt and fail to verify the authenticity of downloaded packages as the keyserver network has been flooded with bogus extra signatures attesting ownership of a certificate. Vulnerabilities that allow this type of certificate spamming attack have been known for years and a timely fix or mitigation is nowhere in sight, neither from the keyserver network community nor the OpenPGP Working Group. The attack impacts to various degrees the OpenPGP protocol implementations for signing packages and for encryption – like GnuPG, SequoiaPGP, and OpenPGP for JavaScript, causing them to slow their operations or even break them.

 

4 Major websites and services across the internet went down Tuesday because of a hosting-platform outage

No, it wasn't just you — major websites across the internet were down as of Tuesday morning. That's because Cloudflare was experiencing issues, according to the website-hosting platform, as well as hundreds of tweets from frustrated social-media users. Cloudflare is an internet-hosting platform that many internet services rely on to remain functioning and protected in the case of a distributed denial-of-service attack. An outage from Cloudflare affects internet services globally. In a blog post, Cloudflare announced that service had returned to normal as of around noon ET. The company said the outage was caused by a "bad software" deployment.

 

5 Pentagon Should Assume U.S. Satellites Are Already Hacked

The U.S. and its allies need to double down on the cybersecurity of their satellites as space infrastructure becomes ever more integral to national security, according to a recent report. The Pentagon and other western military forces rely heavily on space-based systems to guide weapons, gather intelligence and coordinate operations around the globe, but security gaps in their satellite infrastructure threaten to bring those functions to a grinding halt or worse, researchers at the London-based think tank Chatham House found. As adversaries like Russia and China ramp up their offensive cyber capabilities, they said the western world needs to lock down its space infrastructure against potentially crippling attacks. And in the meantime, “it would be prudent” for countries to assume their systems have already been infiltrated.

 

6 Huawei Remains Blocked From US 5G: White House Trade Advisor

China's telecoms giant Huawei remains barred from the development of 5G wireless networks in the United States, a senior White House trade advisor said Tuesday. "US policy on Huawei with respect to 5g in this country has not changed," Peter Navarro told CNBC. "All we've done, basically, is to allow the sale of chips to Huawei. These are lower tech items which do not impact national security whatsoever."

 

7 How to stop your emails from being tracked

All of those obnoxious marketing emails that crowd your inbox aren’t just pushing a product. They’re also tracking whether you’ve opened the email, when you opened it, and where you were at the time by using software like MailChimp to embed tracking software into the message. How does it work? A single tracking pixel is embedded into the email, usually (but not always) hidden within an image or a link. When the email is opened, code within the pixel sends the info back to the company’s server. There is also a simple basic step you can take to avoid trackers: stop your email from automatically loading images since images are where the majority of these pixels hide. You won’t be able to avoid all of the trackers that can hide in your email this way, but you will stop many of them.
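A sketch of what an image-blocking mail client or filter looks for, added here as an illustration and not taken from the linked article: it lists every image in an HTML email, marks which ones would be fetched from a remote server on open, and flags the 1x1 or hidden ones as likely tracking pixels. The sample message, host names and tracking token are constructed.

```python
from email import message_from_string
from email.policy import default
from html.parser import HTMLParser

# Constructed sample message; hosts and the recipient token are made up.
SAMPLE_EML = """\
From: news@shop.example
Subject: Big sale
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body>
<img src="https://cdn.shop.example/banner.png" width="600" height="200">
<img src="https://track.shop.example/o.gif?u=abc123" width="1" height="1">
<img src="cid:logo@shop.example" width="120" height="40">
<img src="https://track.shop.example/p?id=9" style="display:none">
</body></html>
"""

class ImageAudit(HTMLParser):
    """Collect every <img>, noting remote loads and pixel-like attributes."""
    def __init__(self):
        super().__init__()
        self.images = []

    def handle_starttag(self, tag, attrs):
        if tag != "img":
            return
        a = {k: (v or "") for k, v in attrs}
        src = a.get("src", "")
        # Remote sources trigger a request to the sender's server on open.
        remote = src.lower().startswith(("http://", "https://", "//"))
        tiny = a.get("width") in ("0", "1") and a.get("height") in ("0", "1")
        hidden = "display:none" in a.get("style", "").replace(" ", "").lower()
        self.images.append({"src": src, "remote": remote,
                            "pixel_like": remote and (tiny or hidden)})

def audit_email(raw):
    """Return the image list for the HTML body of a raw RFC 5322 message."""
    msg = message_from_string(raw, policy=default)
    body = msg.get_body(preferencelist=("html",))
    parser = ImageAudit()
    if body is not None:
        parser.feed(body.get_content())
    return parser.images

if __name__ == "__main__":
    for img in audit_email(SAMPLE_EML):
        print(img)
```

The `pixel_like` flag is only a heuristic: any image marked `remote`, including the full-size banner, reports the open when it is fetched, which is why the mitigation is to block all remote images and not just the tiny ones.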

 

8 Relatives’ DNA in genealogy database leads to murder conviction

At the time that the brutalized bodies of a Canadian couple were discovered near Washington’s Mount Rainier nearly 32 years ago, police believed that the killer left his plastic gloves in plain view near their van so as to taunt investigators. Detective Robert Gebo of the Seattle Police Department: “He leaves those behind as a sign to the police that you needn’t look for fingerprints because I wore these gloves. And he has confidence that there’s nothing that’s going to connect him with these crimes.” That killer’s self-confidence was misplaced. Decades later, he was tracked down through links to the DNA of two cousins. On Friday morning, a Snohomish County jury found William Earl Talbott II guilty on two counts of aggravated murder in the first degree for the deaths of 21-year-old Jay Cook and his 17-year-old girlfriend, Tanya Van Cuylenborg.

 

9 Amazon keeps your Alexa recordings forever, unless you delete them

If you (like so many of us) hate listening to recordings of your own voice, you may be in for an unpleasant future, as Amazon has confirmed it hangs on to every conversation you've ever had with an Alexa-enabled device until or unless you specifically delete them. That confirmation comes as a response to a list of questions Sen. Chris Coons (D-Delaware) sent to Amazon CEO Jeff Bezos in May expressing "concerns" about how Amazon uses and retains customers' Alexa voice assistant data. Amazon's response to Coons, as first reported by CNET, confirms that the company keeps your data as long as it wants unless you deliberately specify otherwise. "We retain customers' voice recordings and transcripts until the customer chooses to delete them," Amazon said—but even then there are exceptions.

 

10 Amazon can be held liable for third-party seller products

A federal appeals court on Wednesday ruled against Amazon.com Inc (AMZN.O) in a case that could expose the online retailer to lawsuits from customers who buy defective products from third-party vendors through its website. Numerous other courts, including two federal appeals courts, have held that Amazon cannot be held liable as a seller of products from third-party vendors. The new ruling from the 3rd U.S. Circuit Court of Appeals in Philadelphia, which reversed a lower court decision, appeared to be the first to buck that trend. Amazon did not immediately respond to a request for comment.

 

11 JULY 4 AND 5 WILL BE A WORLD-WIDE SOCIAL MEDIA STRIKE: WIKIPEDIA

According to personal data protection specialists, Dr. Larry Sanger, one of Wikipedia’s founders, is inviting people to stop using any social media platform for up to 48 hours in an attempt to pressure companies to grant control of personal data to users. Sanger has said that his movement would “reaffirm mass demand, the need to change the way social media platforms manage personal data”. The strike is scheduled for this weekend, on July 4 and 5. Movement participants should avoid using any social media platform during these two days. “We will bring big changes; by demonstrating in bulk we will require the large and manipulative technology companies to give us back control of our confidential information, which will significantly improve the online privacy experience of users”, says Dr. Sanger.
