AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 08/07/2020

Cluster of 295 Chrome extensions caught hijacking Google and Bing search results

More than 80 million Chrome users have installed one of 295 Chrome extensions that hijack and insert ads inside Google and Bing search results. The malicious extensions were discovered by AdGuard, a company that provides ad-blocking solutions, while the company’s staff was looking into a series of fake ad-blocking extensions that were available on the official Chrome Web Store. A subsequent investigation into the fake ad blockers unearthed a larger group of malicious activity spreading across 295 extensions. Besides fake ad blockers, AdGuard said it also found extensions posing as weather forecast widgets and screenshot capture utilities. However, the vast majority of the malicious extensions (245 out of the 295 extensions) were simplistic utilities that had no other function than to apply a custom background for Chrome’s “new tab” page.


Apple wants to make 2FA safer with domain bound SMS codes

Authenticating transactions or login sessions through SMS-based two-factor authentication is standard practice. However, SMS as a 2FA medium might not be totally secure. Hackers can intercept these messages and use them to log in to your account. Apple is trying to make this method a tad bit more secure through domain-bound messages for developers. Make no mistake, the company’s new effort is trying to improve autofill — a function that lets you automatically enter a received code into the field. Here’s how it works: developers will need to implement this functionality in their apps and websites. Once they do that, your autofill will only offer the code if it finds that the SMS delivered to your phone carries the same domain as the app or website you’re authenticating with.
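The domain check described above, sketched as an added example (not code from Apple or from the original article). It assumes the message format from the public draft proposal for domain-bound codes, where the last line of the SMS reads `@domain #code`; the function names and the HTTPS-plus-subdomain matching policy are hypothetical simplifications.

```javascript
// Added example: decide whether a domain-bound SMS code may be autofilled.
// Assumed format (not given on the page): the last line is "@<domain> #<code>".
const BOUND_LINE = /^@([a-z0-9.-]+) #([a-z0-9]+)$/i;

// Extract the bound domain and code, or null if the SMS has no binding line.
function parseBoundCode(smsText) {
  const lines = smsText.trimEnd().split(/\r?\n/);
  const match = BOUND_LINE.exec(lines[lines.length - 1]);
  if (!match) return null;
  return { domain: match[1].toLowerCase(), code: match[2] };
}

// Hypothetical policy: offer the code only to an HTTPS page whose host is
// the bound domain or one of its subdomains. A look-alike host such as
// example.com.evil.test does not end in ".example.com", so it gets nothing.
function codeForOrigin(smsText, pageUrl) {
  const bound = parseBoundCode(smsText);
  if (!bound) return null;
  let url;
  try {
    url = new URL(pageUrl);
  } catch {
    return null; // not a parseable URL
  }
  if (url.protocol !== "https:") return null;
  const host = url.hostname.toLowerCase();
  const sameSite = host === bound.domain || host.endsWith("." + bound.domain);
  return sameSite ? bound.code : null;
}

// Constructed sample message (not a real SMS).
const SAMPLE_SMS = "Your Example Bank code is 747723.\n\n@example.com #747723";

console.log(codeForOrigin(SAMPLE_SMS, "https://example.com/login"));
console.log(codeForOrigin(SAMPLE_SMS, "https://example.com.evil.test/login"));
```

A message without the binding line yields no code under this policy, which is stricter than ordinary autofill heuristics that pick up any numeric code.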


Deepfakes are the most worrying AI crime, researchers warn

Deepfakes are the most concerning use of AI for crime and terrorism, according to a new report from University College London. The research team first identified 20 different ways AI could be used by criminals over the next 15 years. They then asked 31 AI experts to rank them by risk, based on their potential for harm, the money they could make, their ease of use, and how hard they are to stop. Deepfakes — AI-generated videos of real people doing and saying fictional things — earned the top spot for two major reasons. Firstly, they’re hard to identify and prevent. Automated detection methods remain unreliable and deepfakes are also getting better at fooling human eyes. A recent Facebook competition to detect them with algorithms led researchers to admit it’s “very much an unsolved problem.”


YouTube bans thousands of Chinese accounts to combat ‘coordinated influence operations’

YouTube has banned a large number of Chinese accounts it said were engaging in “coordinated influence operations” on political issues, the company announced today; 2,596 accounts from China alone were taken down from April to June, compared with 277 in the first three months of 2020. “These channels mostly uploaded spammy, non-political content, but a small subset posted political content primarily in Chinese similar to the findings in a recent Graphika report, including content related to the U.S. response to COVID-19,” Google posted in its Threat Analysis Group bulletin for Q2.


The Vigilante Hunting Down Cheaters in Video Games

In May, some players in the popular competitive shooter Valorant seemed to have super powers. Every time they fired their guns, they hit their opponents right in the head, killing them quickly. They practically couldn’t miss. In some way, these players did have superpowers: they were using one of the most advanced cheats for Valorant, the five-on-five tactical first-person shooter made by Riot Games. The cheat was essentially a program that hacked the video game and subverted its rules by exploiting flaws in the game’s code. While Riot continues to fight cheaters across its games, that particular cheat is no longer available thanks to a vigilante who works around the clock to catch cheaters and their tools, reporting them to companies like Riot or Blizzard, the makers of Overwatch, another popular online shooter. He’s not employed by any game developer, nor does he get paid for his work, but he does devote a great deal of his time and energy to stopping cheaters, and when he finds something, game developers listen.


Black Hat: When penetration testing earns you a felony arrest record

“Uh, we’re in jail.” When Coalfire inked a deal with the State Court Administration (SCA) to conduct security testing at the Dallas County Courthouse in Iowa, two of their team members being arrested at midnight and thrown behind bars was not quite what the company expected. The saga began in September last year when security experts, Coalfire Systems senior manager Gary DeMercurio and senior security consultant Justin Wynn, set out to test the court’s physical security. Known as penetration testing in the cybersecurity field, testing a company or organization’s security posture can involve probing networks, apps, and websites to find vulnerabilities that need to be fixed before attackers find them and exploit them for nefarious purposes.
