AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 08/05/2022

Scammers Sent Uber to Take Elderly Lady to the Bank

Email scammers sent an Uber to the home of an 80-year-old woman who responded to a well-timed email scam, in a bid to make sure she went to the bank and wired money to the fraudsters. In this case, the woman figured out she was being scammed before embarking for the bank, but her story is a chilling reminder of how far crooks will go these days to rip people off. Travis Hardaway is a former music teacher turned app developer from Towson, Md. Hardaway said his mother last month replied to an email she received regarding an appliance installation from BestBuy/GeekSquad. Hardaway said the timing of the scam email couldn’t have been worse: His mom’s dishwasher had just died, and she’d paid to have a new one delivered and installed. “I think that’s where she got confused, because she thought the email was about her dishwasher installation,” Hardaway told KrebsOnSecurity.

Over 60% of Organizations Expose SSH to the Internet

A majority of global organizations are exposing sensitive and insecure protocols to the public internet, potentially increasing their attack surface, according to ExtraHop. The vendor analyzed a range of enterprise IT environments to benchmark cybersecurity posture based on open ports and sensitive protocol exposure. It found that 64% of those studied have at least one device exposing SSH, which could allow attackers to probe it for remote access. The research also revealed that over a third (36%) of organizations are exposing at least one device via the insecure file transfer protocol (FTP), which sends files in plain text, meaning they can be easily intercepted. Over two-fifths (41%) had at least one device exposing LDAP, which looks up usernames in Active Directory. The protocol transmits queries in plain text, potentially putting credentials at risk.

All the Data Amazon’s Ring Cameras Collect About You

If you walk through your local neighborhood—providing you live in a reasonably large town or city—you’ll be caught on camera. Government CCTV cameras may record your stroll, but it is increasingly likely that you’ll also be captured by one of your neighbors’ security cameras or doorbells. It’s even more likely that the camera will be made by Ring, the doorbell and security camera firm owned by Amazon. Since Amazon splashed out more than a billion dollars for the company in 2018, Ring’s security products have exploded in popularity. Ring has simultaneously drawn controversy for making deals (and sharing data) with thousands of police departments, helping expand and normalize suburban surveillance, and falling to a string of hacks. While the cameras can provide homeowners with reassurance that their property is secure, critics say the systems also run the risk of reinforcing racism and racial profiling and eroding people’s privacy.

“Huge flaw” threatens US emergency alert system, DHS researcher warns

The US Department of Homeland Security is warning of vulnerabilities in the nation’s emergency broadcast network that make it possible for hackers to issue bogus warnings over radio and TV stations. “We recently became aware of certain vulnerabilities in EAS encoder/decoder devices that, if not updated to most recent software versions, could allow an actor to issue EAS alerts over the host infrastructure (TV, radio, cable network),” the DHS’s Federal Emergency Management Agency (FEMA) warned. “This exploit was successfully demonstrated by Ken Pyle, a security researcher at CYBIR.com, and may be presented as a proof of concept at the upcoming DEFCON 2022 conference in Las Vegas, August 11-14.” Pyle told reporters at CNN and Bleeping Computer that the vulnerabilities reside in the Monroe Electronics R189 One-Net DASDEC EAS, an Emergency Alert System encoder and decoder.

Bloke robbed of $800,000 in cryptocurrency by fake wallet app wants payback from Google

Last October, California resident Jacob Pearlman downloaded an Android version of a cryptocurrency wallet app called Phantom from the Google Play app store. That was four months before San Francisco-based Phantom Technologies actually released an Android version of its digital wallet. The free Phantom Wallet app that Pearlman downloaded early from Google Play was a fake. And when he connected his actual Phantom wallet to the app, it cost him a small fortune. “Less than 24 hours after downloading the fake ‘Phantom Wallet’ app from Google Play, Pearlman’s real Phantom wallet was drained of more than $800,000 worth of virtual currencies, including SAMO, USDC, ORCA, and SOL, as well as four additional NFTs,” his attorneys recount in a lawsuit that seeks to recover the stolen funds from Google rather than from the bogus app’s operator.
