AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 07/21/2023

How safe is your sensitive data in mental health apps? 

Australian academics have raised concerns about some popular mental health apps’ data collection and use policies. A CHOICE survey of over 1,000 people conducted in June 2022 found that 30% of Australians had one or more mental health apps downloaded on their phones. Some are designed to help users improve their emotional well-being, become more mindful, and address common mental health issues, providing access to online therapy, meditation practice, and tools to cope with stress and anxiety or improve sleep quality. But at the same time, these apps collect data of the most sensitive kind.

 

Kevin Mitnick, formerly the world’s ‘most-wanted’ hacker, has passed away 

Kevin Mitnick, who was once one of the world’s most wanted computer hackers, has passed away at 59 on July 16th. According to his obituary, Mitnick battled pancreatic cancer for more than a year and was undergoing treatment at the University of Pittsburgh Medical Center. “[M]uch of his life reads like a fiction story,” his obituary reads, and that’s perhaps the perfect way to describe his tale. The first time Mitnick infiltrated a computer system was way back in 1979, but it wasn’t until 1988 that he was convicted and sentenced to 12 months in prison for copying a company’s software. 

 

Under CISA pressure collaboration, Microsoft makes cloud security logs available for free 

Microsoft announced on Wednesday it would provide all customers free access to cloud security logs – a service usually reserved for premium clients – within weeks of a reveal that government officials’ cloud-based emails were targets of an alleged China-based hack. Microsoft wrote on its blog it was expanding the service’s access beginning in September 2023 to “increase the secure-by-default baseline” of its cloud platforms “in response to the increasing frequency and evolution of nation-state cyber threats.” Subscribers to the standard version of Microsoft Purview Audit will also have their default retention period extended from 90 to 180 days. The cloud Goliath theorized that, while logs don’t prevent attacks, they are useful in digital forensics and incident response. They provide insight into legitimate versus abnormal user behavior.

 

Apple Threatens to Pull FaceTime and iMessage in the UK Over Proposed Surveillance Law Changes 

Apple says it will pull services including FaceTime and iMessage in the UK if plans to amend surveillance legislation that would require tech companies to make major security and privacy changes go ahead (via BBC News). The UK government is planning to update the Investigatory Powers Act (IPA), which came into effect in 2016. The Act of Parliament allows the British Home Office to force technology companies to disable security features like end-to-end encryption without telling the public. The IPA also enables storage of internet browsing records and authorises the bulk collection of personal data in the UK. Due to the secrecy surrounding these demands, little is known about how many have been issued and complied with. 

 

Tampa hospital says sensitive data of 1.2 million stolen in failed ransomware attack 

One of the largest hospitals in Florida said hackers stole the sensitive data of more than 1.2 million patients during an attempted ransomware attack in May. Tampa General Hospital has about 7,000 employees and more than 1,000 beds for patients who come from multiple counties in the region. The hospital published a notice on Thursday explaining that it detected unusual activity on its network on May 31 and quickly contained the activity, noting that it “effectively prevented encryption, which would have significantly interrupted the hospital’s ability to provide care for patients.” 

 

Google says Apple employee found a zero-day but did not report it 

Google fixed a zero-day in Chrome that was found by an Apple employee, according to comments in the official bug report. While the bug itself is not newsworthy, the circumstances of how this bug was found and reported to Google are, to say the least, peculiar. According to a Google employee, the bug was originally found by an Apple employee who was participating in a Capture The Flag (CTF) hacking competition in March. But that Apple employee did not report the bug, which at the time was a zero-day — meaning Google wasn’t aware of the bug and no patch had been issued yet. The bug was instead reported by someone else who also participated in the competition but didn’t actually find the bug themselves and wasn’t even on the team that found the bug.
