AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 08/18/2020

U.S. spirits and wine giant hit by cyberattack, 1TB of data stolen

Brown-Forman, one of the largest U.S. companies in the spirits and wine business, suffered a cyber attack. The intruders allegedly copied 1TB of confidential data; they plan to sell the most important information to the highest bidder and leak the rest. Headquartered in Louisville, Kentucky, the company holds world-known whiskey and scotch brands like Jack Daniel’s, Woodford, Old Forester, Collingwood, Glenglassaugh, and Glendronach; Herradura, El Jimador, and Pepe Lopez tequila; Finlandia vodka, and Sonoma-Cutrer wines. Sodinokibi (REvil) ransomware operators announced on Friday that they had compromised Brown-Forman’s computer network and spent more than a month examining user services, cloud data storage, and general structure.


Microsoft Outlook Will Store Contacts’ Blood Group And Star Sign

An update to the Mac version of Microsoft Outlook will let users store a highly detailed set of personal information about their contacts, including their blood group and star sign. The changes are part of an upcoming update for Office for Mac, which is currently available for testing by “Insiders” – Microsoft’s term for customers who test upcoming versions of its software. There’s no suggestion that Microsoft will collect this information on users’ behalf, but it raises questions about the storage of highly personal data within the software. Outlook Contacts are not encrypted by default, instead relying on users to apply computer-wide encryption solutions such as Microsoft’s own BitLocker technology or the FileVault encryption that is built into macOS. The addition of blood group data, in particular, suggests Microsoft is encouraging users to store personal medical data in Outlook. That raises the risk of data theft if laptops are lost or computers are hacked.


TikTok and its employees prepare to fight Trump over app ban

TikTok and its U.S. employees are planning to take President Donald Trump’s administration to court over his sweeping order to ban the popular video app, according to a lawyer preparing one of the lawsuits. The employees’ legal challenge to Trump’s executive order will be separate from a pending lawsuit from the company that owns the app, though both will argue that the order is unconstitutional, said Mike Godwin, an internet policy lawyer representing the employees. Trump last week ordered sweeping but vague bans on dealings with the Chinese owners of TikTok and messaging app WeChat, saying they are a threat to U.S. national security, foreign policy and the economy. The TikTok order would take effect in September, but it remains unclear what it will mean for the apps’ 100 million U.S. users, many of them teenagers or young adults who use it to post and watch short-form videos.


Fresh Huawei restrictions could disrupt global tech supply chain

Ramped-up U.S. restrictions on Huawei are likely to cut off the Chinese smartphone maker’s access to even off-the-shelf chips and disrupt the global tech supply chain once again, executives and experts cautioned. The Trump administration on Monday expanded its curbs on Huawei and banned suppliers from selling chips made using U.S. technology to the firm without a special license – closing potential loopholes in its May sanctions that could have let Huawei access the tech via third parties. The restrictions underscore the rift in Sino-U.S. relations, at their worst in decades, as Washington presses governments around the world to squeeze Huawei out, alleging the company would hand over data to the Chinese government for spying. Huawei denies it spies for China.


US Army report says many North Korean hackers operate from abroad

North Korea has at least 6,000 hackers and electronic warfare specialists working in its ranks, and many of these are operating abroad in countries such as Belarus, China, India, Malaysia, and Russia, the US Army said in a report published last month. Named “North Korean Tactics,” the report is a tactical manual that the US Army uses to train troops and military leaders, and which the Army made public for the first time last month. The 332-page report contains a treasure trove of information about the Korean People’s Army (KPA), such as military tactics, weapons arsenal, leadership structure, troop types, logistics, and electronic warfare capabilities.


Chrome 86 to Alert Users of Insecure Forms

Google is working on improving the security of Chrome users by alerting them when they fill out forms on secure pages that are submitted insecurely. Set to be introduced in Chrome 86, the feature targets the so-called mixed forms (they are found on HTTPS pages that submit over HTTP), which are considered a risk to users’ security and privacy. Because the data transmission is not performed over a secure connection, the information entered by the user in those forms is visible to eavesdroppers, meaning that malicious actors can read or change the form data. Chrome versions prior to 86 mark mixed forms by removing the lock icon from the address bar. “We saw that users found this experience unclear and it did not effectively communicate the risks associated with submitting data in insecure forms,” Shweta Panditrao, Chrome Security Team, explains.
