AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 08/19/2021

Conti ransomware prioritizes revenue and cyberinsurance data theft

Training material used by Conti ransomware affiliates was leaked online this month, allowing an inside look at how attackers abuse legitimate software and seek out cyber insurance policies. Earlier this month, a disgruntled affiliate posted to a hacking forum the IP addresses for Cobalt Strike C2 servers used by the gang and a 113 MB archive containing training material for conducting ransomware attacks. Using this leaked training material, security researchers, network admins, and incident responders can better respond to attacks and quickly find common indicators of compromise (IOCs) used by the ransomware gang. This is exactly the case with new research released by Advanced Intel’s CEO Vitali Kremez that illustrates how actual Conti attacks utilized the leaked information.


Katie Moussouris hacked Clubhouse. Her emails went unanswered for weeks

Nearly one year after the exclusive app Clubhouse launched on the iOS store, its popularity skyrocketed. The app, which is now out of beta, lets users drop into spontaneous audio conversations that, once they are over, are over. With COVID lockdown procedures separating many people around the world last year, Clubhouse offered its users immediate, unplanned, conversational magic that maybe they lost in shifting to a work from home environment. At the time, it was perhaps an app to find a feeling. And in 2021, Luta Security CEO and founder Katie Moussouris found a crucial vulnerability in it. But when she tried to tell Clubhouse about the flaw—which let her hide her presence inside a listening “room” so she could eavesdrop on conversations—the company failed to listen to her for weeks. 


Researchers fooled AI into ignoring stop signs using a cheap projector

A trio of researchers at Purdue today published pre-print research demonstrating a novel adversarial attack against computer vision systems that can make an AI see – or not see – whatever the attacker wants. It’s something that could potentially affect self-driving vehicles, such as Tesla’s, that rely on cameras to navigate and identify objects. Up front: The researchers wanted to confront the problem of digital manipulation in the physical world. It’s easy enough to hack a computer or fool an AI if you have physical access to it, but tricking a closed system is much harder. Per the team’s pre-print paper: Adversarial attacks and defenses today are predominantly driven by studies in the digital space where the attacker manipulates a digital image on a computer. The other form of attacks, which are the physical attacks, have been reported in the literature, but most of the existing ones are invasive in the sense that they need to touch the objects, for example, painting a stop sign, wearing a colored shirt, or 3D-printing a turtle.


T-Mobile Confirms Data Breach, Offers Free Identity Theft Protection

The other day, it was reported that T-Mobile’s database of customer information might have been hacked, in which it was estimated that 100 million people might have been affected. This was according to a database that was being sold online by the hacker in which they were asking for about $270,000 for the entire database. That being said, T-Mobile has since confirmed that the breach did take place and confirmed that personal information such as customer names, date of birth, social security numbers, and driver’s license information were stolen. The carrier is also estimating that about 48 million customers might have been affected by this, which is about half of what the hackers had claimed. The good news and silver lining to this is that at least no credit card or payment information was leaked in the process, so maybe you don’t need to go changing your credit card numbers just yet. T-Mobile has also announced that they will be giving customers affected by this a free two-year subscription to identity theft protection.


Boston Dynamics shares an incredible behind-the-scenes look at robot-building

The robot developer and YouTube sensation is giving us another peek at its robot-building efforts, this time by having its humanoid robotics research platform, Atlas, do some more parkour. Besides releasing a highly polished video, the company also posted a behind-the-scenes look at what it takes to get a robot to jump through an obstacle course. It’s the best look at Atlas we’ve gotten yet and shows incredible footage of manufacturing, software, and repairs—plus some gnarly wipeouts when the stunts don’t go according to plan. This is the third video we’ve seen of Atlas doing parkour, and you might wonder why Boston Dynamics is so obsessed with making its robots jump on boxes and do backflips. Atlas does parkour for the same reason car companies do motorsports. Using sports to push the performance boundaries of a machine leads to the development of better parts and techniques, and the tests have a trickle-down effect for consumer products. 


Twitter’s latest experiment is a tool for reporting ‘misleading’ tweets

A new test from Twitter will finally allow users to report “misleading” tweets. The company says it’s testing the feature for “some people” in the US, South Korea and Australia. Though only an experiment, it’s a significant step for Twitter which has previously had limited reporting tools for misinformation on its service. With the change though, users will now be able to report political and health misinformation, with sub-categories for election and COVID-19 related tweets, according to The Verge. That tracks with other fact checking and misinformation-busting efforts Twitter has made over the past year and a half. The company has previously introduced labels and PSAs to debunk health and election misinformation on its platform.

Related Posts