AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 08/24/2021

Caller ID Spoofing

Spoofing is when a caller deliberately falsifies the information transmitted to your caller ID display to disguise their identity. Scammers often use neighbor spoofing so it appears that an incoming call is coming from a local number, or spoof a number from a company or a government agency that you may already know and trust. If you answer, they use scam scripts to try to steal your money or valuable personal information, which can be used in fraudulent activity. You may not be able to tell right away if an incoming call is spoofed. Be extremely careful about responding to any request for personal identifying information.


U.S. State Department recently hit by a cyber attack - Fox News

The U.S. State Department was recently hit by a cyber attack, and notifications of a possible serious breach were made by the Department of Defense Cyber Command, a Fox News reporter tweeted. It is unclear when the breach was discovered, but it is believed to have happened a couple of weeks ago, according to the Fox News reporter’s Twitter thread. The reporter added the State Department’s ongoing mission to evacuate Americans and allied refugees from Afghanistan has “not been affected.” Without confirming any incident, a knowledgeable source told Reuters the State Department has not experienced significant disruptions and has not had its operations impeded in any way.


China passes new personal data privacy law, to take effect Nov. 1

China’s National People’s Congress on Friday passed a law designed to protect online user data privacy and will implement the policy from Nov. 1, according to state media outlet Xinhua. The law’s passage completes another pillar in the country’s efforts to regulate cyberspace and is expected to add more compliance requirements for companies in the country. China has instructed its tech giants to ensure more secure storage of user data, amid public complaints about mismanagement and misuse which have resulted in user privacy violations. The law states that handling of personal information must have a clear and reasonable purpose and shall be limited to the “minimum scope necessary to achieve the goals of handling” data.


Cyber insurance market encounters ‘crisis moment’ as ransomware costs pile up

It’s a sure sign of trouble when leading insurance industry executives are worried about their own prices going up. Two separate CEOs of major insurance giants remarked in recent weeks about a considerable jump in cyber insurance premium prices: AIG’s chief executive said rates increased by 40% for its clients, while Chubb’s chief executive said that company was charging more, too. Rather than welcoming the trend, Chubb CEO Evan Greenberg offered a warning. Those price increases, he said, still don’t reflect the grave risk that a catastrophic cyber event poses. “That is not addressing by itself the fundamental issue,” he said. Those are just two data points about how, in the past year, the evolution of ransomware has radically altered the landscape of cyber insurance, according to analysts inside and outside the industry. 


SynAck ransomware decryptor lets victims recover files for free

Emsisoft has released a decryptor for the SynAck Ransomware, allowing victims to decrypt their encrypted files for free. The SynAck ransomware gang launched its operation in 2017 but rebranded as the El_Cometa gang in 2021. As part of this rebranding, the threat actors released the master decryption keys and documentation for their encryption algorithm on their Tor data leak site. Today, Emsisoft has released a SynAck ransomware decryptor that works on all variants and allows victims to recover their files for free. After downloading the decryptor, simply run the program and browse to a ransom note. After selecting the ransom note, press the Start button and the decryption key will be detected.


Clubhouse removed personal info from Afghan users’ accounts as a safety measure

Earlier this week, Facebook introduced tools to help people in Afghanistan lock down their accounts. Clubhouse, the social audio app, is doing the same thing. The company announced on Twitter that it was proactively making some changes to the privacy settings for users in Afghanistan. Specifically, for users who “haven’t been active,” Clubhouse is hiding their photo and bio and making it harder to find the accounts in search. Users are free to then add back any information they feel comfortable sharing, and they can also reach out to support to make their account “more discoverable.” As noted by The Verge, Clubhouse says that all the actions it is taking are reversible, and that these changes won’t affect users’ followers. The company also says that users can use pseudonyms rather than real names for safety purposes.
