AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 08/26/2019

1 Peripheral Maker Fanatec Hacked, Customer Details Stolen

If you’ve ever been in the market for a high-end gaming controller, racing wheel, or pedals, chances are peripheral maker Fanatec was on your radar. Purchasing directly from Fanatec turned out to be a bad idea, though, as your personal details are probably in the hands of hackers. As Kotaku reports, Fanatec CEO Thomas Jackermeier sent out an email yesterday to all customers informing them that, “our online shop of our company was compromised by a cyber-attack on 16.08.2019.” The breach in security meant hackers gained access to the company’s customer database and therefore the personal details of all customers.

 

2 Google Chrome to Warn If Logins Are Found in a Data Breach

Google is adding a built-in data breach notification service to the Chrome browser that will alert users when they are logging into sites with credentials that have been exposed by breaches. With the constant leaks of account credentials from data breaches and the rampant password reuse commonly seen among users, data breach notification services were created to alert users when their email addresses were included in a data breach. When the password protection feature is enabled, a new option will appear in the Google Chrome password manager that allows you to toggle on and off the compromised login detection feature.

 

3 Privacy Incident at Massachusetts General Hospital’s Neurology Department

Massachusetts General Hospital (“MGH”) is notifying approximately 9,900 individuals of a privacy incident involving MGH’s Department of Neurology in connection with some of its research programs.On June 24, 2019, MGH learned that an unauthorized third party had access to databases related to two computer applications used by researchers in the Department of Neurology for specific Neurology research studies. MGH immediately began an investigation into the matter.  The investigation revealed that between June 10 and June 16, 2019 this unauthorized third party had access to databases containing research data used by certain Neurology researchers.

 

4 FAA threatens $25,000 fine for weaponizing drones

It’s perfectly natural for a red-blooded American to, once they have procured their first real drone, experiment with attaching a flame thrower to it. But it turns out that this harmless hobby is frowned upon by the biggest buzzkills in the world… the feds. Yes, the FAA has gone and published a notice that drones and weapons are “A Dangerous Mix.” Well, that’s arguable. But they’re the authority here, so we have to hear them out. “Perhaps you’ve seen online photos and videos of drones with attached guns, bombs, fireworks, flamethrowers, and other dangerous items. Do not consider attaching any items such as these to a drone because operating a drone with such an item may result in significant harm to a person and to your bank account.”

 

5 Emotet Botnet Is Back, Servers Active Across the World

Command and control (C2) servers for the Emotet botnet appear to have resumed activity and deliver binaries once more. This comes after being inert since the beginning of June. Although it started as a banking trojan in 2014, Emotet changed its course to becoming a botnet that delivers various malware strains. Emotet is now one of the top threats, its infrastructure being used to distribute Trickbot, another banking trojan, and then spread the Ryuk ransomware. This combination is dubbed ‘triple threat’ and has affected public administrations in the U.S.

 

6 Thousands Of Banned Chinese Surveillance Cameras Are Watching Over America

You’d have thought the U.S. government would be moving fast to kick Chinese surveillance tech out of the country. But despite a legally mandated ban signed off on a year ago, the Trump administration hasn’t been able to clean networks of prohibited Chinese cameras keeping watch over U.S. government facilities. As of this month, all federal government bodies should have started on plans to remove tech from four manufacturers that are considered too closely linked to the Chinese government. They include telecoms giants Huawei and ZTE, as well as surveillance camera makers Dahua and Hikvision.

 

7 Vast majority of newly registered domains are malicious

Newly registered domains (NRDs) are created at the astounding rate of about 200,000 every day and a recent report indicates that 70 percent of these are malicious or suspicious and used for a wide range of nefarious activities. The NRDs are an interesting breed with some staying active for a very brief period, just hours, while others are quickly spotted behaving as command and control servers or distributing malware, phishing attacks or used for typosquatting. For the most part NRDs are registered under the .com TLD, but those registered under a country code extension tend to be malicious in nature.

 

8 IRS Warns of New Email Scam

The Internal Revenue Service (IRS) has issued a warning about a new email scam in which malicious cyber actors send unsolicited emails to taxpayers from fake (i.e., spoofed) IRS email addresses. The emails contain a link to a spoofed IRS.gov website that displays fake details about the targeted recipient’s tax refund, return, or account. The emails instruct the recipient to access their refund information by entering a provided password on the spoofed website. By entering the password, the victim unintentionally downloads malware that could enable the malicious cyber actors to take control of the affected system or obtain sensitive information.

 

9 Hackers are actively trying to steal passwords from two widely used VPNs

Hackers are actively unleashing attacks that attempt to steal encryption keys, passwords, and other sensitive data from servers that have failed to apply critical fixes for two widely used virtual private network (VPN) products, researchers said. The vulnerabilities can be exploited by sending unpatched servers Web requests that contain a special sequence of characters, researchers at the Black Hat security conference in Las Vegas said earlier this month. The pre-authorization file-reading vulnerabilities resided in the Fortigate SSL VPN, installed on about 480,000 servers, and the competing Pulse Secure SSL VPN, installed on about 50,000 machines, researchers from Devcore Security Consulting reported.

 

10 Bezos and Musk’s satellite internet could save Americans $30B a year

Low Earth orbit (LEO) satellites for broadband internet access are beginning to display signs of real potential. Recently, Amazon chief Jeff Bezos’ Blue Origin pulled back the curtain on its space intentions by announcing Project Kuiper, a 3,236-satellite constellation. Additionally, Elon Musk’s SpaceX Starlink recently launched a rocket containing 60 satellites from Florida’s Cape Canaveral. The fight for space internet supremacy is on. Both players, alongside others like OneWeb, are spending billions in space in hopes of making further billions annually once the satellites go into service for consumers in the US and around the globe. 

 

11 The fake baby Instagram adoption scam

In many countries, social media would be the last place anyone would look for a baby to adopt. In the US, though, most states allow something called private adoption, where couples hoping to adopt and birth mothers find each other independently. The arrangement is then formalised by an attorney or an adoption agency. When US couples want to adopt a baby they often post ads online and search social media for women pregnant with an unwanted child. Sometimes it works – but there are dangers. One young scammer has tricked countless couples, just for fun, by stealing the identity of a pregnant woman.

 

12 Alleged ‘Snake Oil’ Crypto Firm Sues Over Boos at Black Hat

One of the strangest moments at the Black Hat USA security conference in Las Vegas this month has now become the subject of a federal lawsuit against the conference. In a filing to the United States District Court for the Southern District of New York (PDF), attorneys for the “emerging digital cryptography” firm Crown Sterling alleged that Black Hat USA had breached “its sponsorship agreement with Crown Sterling and the implied covenant of good faith and fair dealing arising therefrom.” Crown Sterling goes on to accuse the conference organizers of “other wrongful conduct” connected to events surrounding the presentation of a paper by Crown Sterling CEO and founder Robert E. Grant. In addition to legally targeting the conference, Crown Sterling has also filed suit against 10 “Doe” defendants, who it claims orchestrated a disruption of the company’s sponsored talk at Black Hat.

 

13 Capital One hacker denied release, will remain in jail

The judge ruled that Thompson was a flight risk, and a threat to herself and others, and should remain detained for the time being.

The decision comes after the suspect’s lawyers tried earlier this week to have Thompson, a transgender woman, moved to a halfway house and have her placed under GPS monitoring, so she can have better access to mental health care, and to prevent her from becoming subject to abuse or experiencing trauma. But despite noting in previous court documents that Thompson’s behavior appears to be related to “a significant history of mental health problems,” the prosecution argued against, that Thompson should remain detained for the time being.

 

14 The teenager who made millions on Bitcoin is staking it all on this obscure token

Erik Finman was 12 years old when he bought $1,000 worth of Bitcoin in the summer of 2011. The world’s first digital currency was just two years old and trading for $10, a time when most folks, if they knew about Bitcoin at all, associated it with the dark web drug trade or its fringe fanbase of libertarians, anarchists, and cypherpunks. A month before he made the purchase, he’d cut a deal with his parents. If he could turn a $1,000 gift from his grandmother into $1 million, he wouldn’t have to attend university. By 2017, he’d won the agreement.

 

15 U.S. lawmaker says still concerned about Facebook cryptocurrency after Swiss meetings

The chair of the U.S. House Financial Services Committee said on Sunday she remained concerned about Facebook’s plans for a digital currency after meeting the government officials in Switzerland that Facebook has said will regulate it. “While I appreciate the time that the Swiss government officials took to meet with us, my concerns remain with allowing a large tech company to create a privately controlled, alternative global currency,” Congresswoman Maxine Waters said in a statement.

 

16 Is Captioning an Audiobook Illegal? Major Publishers Say Yes, And They’re Suing Audible

Seven of the biggest names in publishing filed a lawsuit against Audible on Friday, arguing that its recently announced AI-generated captions feature breaks copyright law. The Amazon subsidiary debuted the service, Audible Captions, last month with a release lined up for the start of this upcoming school year (which, of course, these publishers want the courts to put a stop to). Designed in part for educational purposes, Audible Captions does exactly what its name would imply: It throws up captions on your phone or tablet corresponding to the words narrated in an audiobook.

Related Posts