
AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 08/26/2020

A Chrome feature is creating enormous load on global root DNS servers

The Chromium browser—open source, upstream parent to both Google Chrome and the new Microsoft Edge—is getting some serious negative attention for a well-intentioned feature that checks to see if a user’s ISP is “hijacking” non-existent domain results. The Intranet Redirect Detector, which makes spurious queries for random “domains” statistically unlikely to exist, is responsible for roughly half of the total traffic the world’s root DNS servers receive. Verisign engineer Matt Thomas wrote a lengthy APNIC blog post outlining the problem and defining its scope. DNS, or the Domain Name System, is how computers translate relatively memorable domain names like arstechnica.com into far less memorable IP addresses, like 3.128.236.93. Without DNS, the Internet couldn’t exist in a human-usable form—which means unnecessary load on its top-level infrastructure is a real problem.

 

After Facebook Blocked a Group Critical of the Thai Monarchy, Its Activist Creator Said He Was ‘Not Surprised’

Facebook has complied with a Thailand government order to block a group critical of the Thai monarchy, but the social media giant said it will pursue legal action against the demand. On Monday, August 24, Facebook blocked access within Thailand to a group named “Royalist Marketplace,” which has amassed over a million members within four months of its creation. “After careful review, Facebook has determined that we are compelled to restrict access to content which the Thai government has deemed to be illegal,” Facebook said in a statement to CNN Business. Facebook data showed that the site restricted access to about 1,500 posts in Thailand last year, acting on the requests of Thailand’s Ministry of Digital Economy and Society for allegedly breaching the country’s Computer Crimes Act and strict “lese-majeste” laws, which make criticizing the monarchy punishable by up to 15 years in prison.

 

Harvard and Sony built a tiny surgery robot inspired by origami

Researchers from Harvard’s Wyss Institute and Sony have created a surgical robot that’s much smaller than many other such devices. They took inspiration from origami to build the mini-RCM, which is around the size of a tennis ball and weighs about the same as a penny. Wyss associate faculty member Robert Wood and Sony engineer Hiroyuki Suzuki built the mini-RCM using a manufacturing technique developed in Wood’s lab. Materials are layered on top of each other then cut with a laser in a way that allows them to form a 3D shape — kinda like a kids’ pop-up book. Three linear actuators control the mini-RCM’s movements in multiple directions.

 

Conti (Ryuk) joins the ranks of ransomware gangs operating data leak sites

It has now become a mainstream tactic for big ransomware groups to create so-called “leak sites” where they upload and leak sensitive documents from companies who refuse to pay the ransomware decryption fee. These “leak sites” are part of a new trend forming on the cybercriminal underground where ransomware groups are adopting a new tactic called “double extortion.” The perfect example of how ransomware gangs are currently using “leak sites” and “double extortion” to put pressure on victims to pay is the case of the University of Utah. Last week, the university’s management admitted to paying $457,000 to a ransomware gang even though they recovered their encrypted files using previous backups.

 

The Pentagon’s Latest Cyborg Insect: Locust Bomb Sniffers

With a chittering of wings and a flickering of antennae, the locusts buzzed into position. Released from their cage, the swarm buzzed across the road, senses tuned and trained to the scent of TNT. First one lands, and then another, and near the corner of the street, hidden under loose cardboard and a fake, papier-maché rock, is the improvised explosive device. The swarm monitor plots the location on a tablet like a game of minesweeper, and waits for the swarm to identify more hidden hazards. This is not, yet, the reality of war, but a possible future based on present research undertaken by the Office of Naval Research. Using electrodes, transmitters, and a little bit of glue and insect surgery, research successfully demonstrated the ability of cyborg locusts to detect explosive compounds. The project began in 2016, and this month researchers at Washington University in St. Louis published their results in the journal Biosensors and Bioelectronics: X.

 

New AI algorithm to detect cryptocurrency miners as they steal power

Computer scientists have developed a new artificial intelligence (AI) system that may be able to identify malicious codes that hijack supercomputers to mine for cryptocurrency such as Bitcoin and Monero. “Based on recent computer break-ins in Europe and elsewhere, this type of software watchdog will soon be crucial to prevent cryptocurrency miners from hacking into high-performance computing facilities and stealing precious computing resources,” said Gopinath Chennupati, a researcher at Los Alamos National Laboratory and co-author of a new paper in the journal IEEE Access. “Our deep learning artificial intelligence model is designed to detect the abusive use of supercomputers specifically for the purpose of cryptocurrency mining.”
