AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 08/21/2023

Google proposes new security keys to protect data from future quantum attacks

Even though quantum computers are still under development, researchers are already working to protect sensitive data from attacks fueled by the expected advances in computing power. This week Google announced the release of code for a security key that uses cryptography designed to withstand decryption attempts by traditional computers and quantum processors as well. The company says its proposed implementation will allow for the creation of quantum-resilient security keys under FIDO2, the second version of a global standard for passwordless authentication.

 

WoofLocker Toolkit Hides Malicious Codes in Images to Run Tech Support Scams

Cybersecurity researchers have detailed an updated version of an advanced fingerprinting and redirection toolkit called WoofLocker that’s engineered to conduct tech support scams. The sophisticated traffic redirection scheme was first documented by Malwarebytes in January 2020, leveraging JavaScript embedded in compromised websites to perform anti-bot and web traffic filtering checks to serve next-stage JavaScript that redirects users to a browser locker (aka browlock). This redirection mechanism, in turn, makes use of steganographic tricks to conceal the JavaScript code within a PNG image that’s served only when the validation phase is successful. Should a user be detected as a bot or not interesting traffic, a decoy PNG file without the malicious code is used.

 

This Malware Turned Thousands of Hacked Windows and macOS PCs into Proxy Servers

Threat actors are leveraging access to malware-infected Windows and macOS machines to deliver a proxy server application and use them as exit nodes to reroute proxy requests. According to AT&T Alien Labs, the unnamed company that offers the proxy service operates more than 400,000 proxy exit nodes, although it’s not immediately clear how many of them were co-opted by malware installed on infected machines without user knowledge and interaction. “Although the proxy website claims that its exit nodes come only from users who have been informed and agreed to the use of their device,” the cybersecurity company said it found evidence where “malware writers are installing the proxy silently in infected systems.”

 

Interpol arrests 14 who allegedly scammed $40m from victims in ‘cyber surge’

An Interpol-led operation arrested 14 suspects and identified 20,674 “suspicious” networks spanning 25 African countries that international cops have linked to more than $40 million in cybercrime losses. Africa Cyber Surge II, a combined police operation which began in April and lasted four months, was a coordinated effort between Interpol, African law enforcement, and private-sector security firms to disrupt online extortion, phishing, business email compromise (BEC) and other cyber scams. But given that BEC scams cost billions of dollars a year it’s small change. Interpol, Afripol, and infosec companies Group-IB and Uppsala Security provided on-the-ground operational support, the international agency said. This included helping with three arrests in Cameroon related to an online scam involving the fraudulent sale of works of art worth $850,000.

 

Brazilian Hacker Claims Bolsonaro Asked Him to Hack Into the Voting System Ahead of 2022 Vote

A Brazilian hacker claimed at a congressional hearing Thursday that then-President Jair Bolsonaro wanted him to hack into the country’s electronic voting system to expose its alleged weaknesses ahead of the 2022 presidential election. Walter Delgatti Neto did not provide any evidence for his claim to the parliamentary commission of inquiry. But his detailed testimony raises new allegations against the former far-right leader, who is being investigated for his role in the Jan. 8 riots in the capital city of Brasilia. Delgatti told lawmakers he met in person with Bolsonaro on Aug. 10, 2022, for between 90 minutes and two hours at the presidential residence. He said he told the leader he could not hack into the electronic voting system because it wasn’t connected to the internet.

 

‘Very wonderful, very toxic’: how AI became the culture war’s new frontier

When Elon Musk introduced the team behind his new artificial intelligence company xAI last month, the billionaire entrepreneur took a question from the rightwing media activist Alex Lorusso. ChatGPT had begun “editorializing the truth” by giving “weird answers like that there are more than two genders”, Lorusso posited. Was that a driver behind Musk’s decision to launch xAI, he wondered. “I do think there is significant danger in training AI to be politically correct, or in other words training AI to not say what it actually thinks is true,” Musk replied. His own company’s AI, on the other hand, would be “maximally true”, he had said earlier in the presentation.
