AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets – 07/05/2019

1 New FaceTime feature forces you to make eye contact

FaceTime and other forms of video calling are already inherently weird, but Apple seems committed to making it as uncomfortable as possible. Apple is running an iOS 13 beta ahead of the big update's launch later this year and one new feature made waves on Twitter on Tuesday. "FaceTime Attention Correction" promises to make your eye contact "more accurate" during video calls, according to the menu setting spotted by app designer Mike Rundle. What exactly does that mean? Well, if you turn that feature on, FaceTime will make it look like you're making eye contact with the other person on the call even when you're not. If you like terrifying things that arguably shouldn't exist, here's a visual example of the feature in action.

 

2 Facebook resolves day-long outages across Instagram, WhatsApp, and Messenger

Facebook had problems loading images, videos, and other data across its apps today, leaving some people unable to load photos in the Facebook News Feed, view stories on Instagram, or send messages in WhatsApp. Facebook said earlier today it was aware of the issues and was “working to get things back to normal as quickly as possible.” It blamed the outage on an error that was triggered during a “routine maintenance operation.” As of 7:49PM ET, Facebook posted a message to its official Twitter account saying the “issue has since been resolved and we should be back at 100 percent for everyone. We’re sorry for any inconvenience.” Instagram similarly said its issues were more or less resolved, too.

 

3 US Customs and Border Protection reportedly suspends subcontractor over cyberattack

The US Customs and Border Protection has reportedly suspended a subcontractor following a "malicious cyberattack" in May that caused it to lose photos of travelers into and out of the country. Perceptics, which makes license plate scanners and other surveillance equipment for CBP, has been suspended from contracting with the federal government, The Washington Post reported Tuesday. On June 12, CBP had confirmed that in violation of its policies, a subcontractor had "transferred copies of license plate images and traveler images collected by CBP to the subcontractor's company network." The subcontractor's network was then compromised by a cyberattack that affected under 100,000 people who entered and exited the US in a vehicle through several specific lanes at one land border during a 1.5-month period.

 

4 Hacker in DDoS attacks on Daybreak Games gets two years in prison

Another hacker behind attacks on Daybreak Game Company, then known as Sony Online Entertainment, is going to prison. Austin Thompson of Utah will be behind bars for the next 27 months, the U.S. Attorney’s Office for the Southern District of California announced Tuesday. Thompson, 23, pleaded guilty in November (official charge: “Damage to a Protected Computer”) in connection with attacks in late 2013 against SOE; his group, “DerpTrolling,” was allegedly behind several denial-of-service attacks on online service for several SOE games, plus Battle.net, League of Legends, and Dota 2 in late 2013. Thompson’s attacks preceded by about six months those of a group calling itself Lizard Squad, which targeted SOE and even made a bomb threat that forced a flight carrying its then-president to land. Thompson was not involved in those crimes.

 

5 Senate Passes Bill to Help Defend U.S. Energy Grid against Digital Attacks

On 27 June, the Senate passed the Securing Energy Infrastructure Act. Introduced by U.S. Senators Angus King (I-Maine) and Jim Risch (R-Idaho), the main purpose of the bipartisan bill is to remove security vulnerabilities which digital attackers can abuse to access the U.S. energy grid. It seeks to do this by implementing several steps, including: Creating a two-year pilot program within the National Laboratories that will partner with entities in the energy sector to identify security vulnerabilities as well as evaluate technology and standards to protect covered industrial control systems against those vulnerabilities; Establishing a working group to evaluate the technology and standards used in the program as well as develop a strategy to defend energy sector entities against security vulnerabilities; Submit reports that present the results of the program.

 

6 Georgia Failed to Subpoena Image of Wiped Elections Server

The case of whether hackers may have tampered with elections in Georgia has taken another strange turn. Nearly two years ago, state lawyers in a closely watched election integrity lawsuit said they intended to subpoena the FBI for the forensic image, or digital snapshot, the agency made of a crucial server before state election officials quietly wiped it clean. Election watchdogs want to examine the data to see if there might have been tampering, given that the server was left exposed by a gaping security hole for more than half a year. A new email obtained by The Associated Press says state officials never did issue the subpoena. The FBI's data is central to activists' challenge to Georgia's highly questioned, centrally administered elections system, which lacks an auditable paper trail and was run at the time by Gov. Brian Kemp, then Georgia's secretary of state.

 

7 YouTube mystery ban on hacking videos has content creators puzzled

YouTube, under fire since inception for building a business on other people's copyrights and in recent years for its vacillating policies on irredeemable content, recently decided it no longer wants to host instructional hacking videos. The written policy first appears in the Internet Wayback Machine's archive of web history in an April 5, 2019 snapshot. It forbids: "Instructional hacking and phishing: Showing users how to bypass secure computer systems or steal user credentials and personal data." Lack of clarity about the permissibility of cybersecurity-related content has been an issue for years. In the past, hacking videos in years past could be removed if enough viewers submitted reports objecting to them or if moderators found the videos violated other articulated policies.

 

8 D-Link agrees to 10 years of security audits to settle FTC case

After years of litigation and countless security issues, D-Link has settled its case with the Federal Trade Commission over poor security practices. Under the terms of the settlement, the company has agreed to implement a comprehensive security program for its routers and webcams, including third-party security audits every two years until 2030. The company is also required to check for security vulnerabilities before releasing a product, actively monitor for vulnerabilities once a product is released, and accept reports from third-party security researchers. “We sued D-Link over the security of its routers and IP cameras, and these security flaws risked exposing users’ most sensitive personal information to prying eyes,” said Andrew Smith, Director of the FTC’s Bureau of Consumer Protection in a statement. “Manufacturers and sellers of connected devices should be aware that the FTC will hold them to account for failures that expose user data to risk of compromise.”

 

9 Retailers all but beg FTC to take action against Google, Amazon

A group of the biggest retailers in the country, including Target, Walmart, Best Buy, Apple, and T-Mobile, is asking federal regulators to do something about the outsized power digital competitors Amazon and Google have in the marketplace. The Retail Industry Leaders Association, a trade group representing dozens of major retail chains, submitted lengthy comments this week (PDF) to the Federal Trade Commission urging an update of antitrust policy for the "information infrastructure" era, in business-to-business interactions as well as equal access to consumers, and for the FTC to "take the next step with investigations and actions against companies impeding free market competition." The organization wants the FTC to act "not to complain about competition" from companies such as Facebook, Google, or Amazon, "but to ask for more competition," RILA VP of Innovation Nicholas Ahrens said in a written statement. "Modern antitrust investigation and enforcement needs to be driven by a greater recognition that control over information can drive anti-competitive effects just as much as market power and price control."

 

10 Sarasota Sheriff’s Office investigating statewide data breach

A Miami employee of the Florida Department of Children and Family Services has been charged with leaking personal data to six other people in an organized fraud ring that made purchases in the Sarasota area, according to the Sarasota County Sheriff’s Office. The breach affected an estimated 2,000 Florida residents and amounted to about $260,000 in retail theft, with some of those purchases coming from the University Town Center area. And those numbers are only expected to climb as the investigation continues, said Sarasota County Chief Deputy Col. Kurt Hoffman. “These men and women did not facilitate your traditional retail crimes that we see up and down this Interstate 75 corridor,” Hoffman said. “They went for big purchases, some amounting to more than $8,000 on a single receipt.” The Sheriff’s Office began investigating in May after Roxana Ruiz, 39, and Eduardo Lamigueiro, 43, opened multiple credit card accounts in the UTC area to make more than $6,000 in purchases. The two were arrested on May 23 and released on bond two days later.

 

11 Facebook Is Censoring Posts That Could Save Opioid Users' Lives

In its efforts to stop opioid sales on the site, Facebook appears to be blocking people who warn users about poisonous batches of drugs or who supply materials used to test for fentanyls and other contaminants. Just as 1990s web security filters mistook breast cancer research centers for porn sites, today’s internet still seems to have trouble distinguishing between drug dealers and groups trying to reduce the death toll from the overdose crisis. VICE reviewed screenshots and emails to corroborate the claims made in this story. “My email is apparently a violation of community standards on Facebook,” said Louise Vincent, executive director of the Urban Survivors Union (USU), an organization created by and for people who use drugs.

 

12 An online vigilante group that targets sexual predators may have contributed to a sailor’s death

Investigators are looking into whether a sailor killed himself after an activist group posted a video of him online that purportedly showed him trying to solicit a minor, Task & Purpose has learned. Task & Purpose is withholding the sailor's name while the investigation into his death is ongoing. Navy Department officials declined to comment until the investigation is complete. Based in San Diego, the private group CC_Unit – short for "Creep Catcher Unit" – uses decoy accounts to pose as children on dating apps and then makes videos confronting people who respond that they want to have sex with minors, said the group's founder, who goes by the alias "Ghost." "I've always been a big fan of Chris Hansen and 'To Catch a Predator,'" Ghost, who declined to give his real name, told Task & Purpose. "I always grew up with girls that have been victims of sexual abuse and abuse in general. Now that I'm a bit older – I'm 21 – I can actually make a difference, make a change." But CC_Unit does not coordinate these stings with law enforcement, so none of the people they "catch" are arrested on the scene, Ghost said.

 

13 Burning battery pack forces emergency landing of Virgin flight

A seat fire, thought to have been caused by a portable battery pack, forced a Virgin Atlantic flight to make an emergency landing on Thursday night. The flight was on its way from New York’s JFK Airport to London Heathrow according to the Associated Press, but was forced to land at Boston’s Logan Airport after smoke and flames started emanating from a passenger seat. All 217 passengers onboard the flight were successfully evacuated. The fire was extinguished by the crew on board, and upon landing an investigation discovered wires protruding from the affected area. “A battery pack consistent in appearance with an external phone charger” was found between the cushions of the seat that ignited, according to police.

Related Posts