AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 08/28/2019

1 Senators Question NHTSA on Risks of Connected Vehicles

Two United States senators have sent a letter to the National Highway Traffic Safety Administration (NHTSA) to inquire about cyber-risks associated with connected vehicles. In their letter, Senator Edward J. Markey (D-Mass.) and Senator Richard Blumenthal (D-Conn.), members of the Commerce, Science and Transportation Committee, also expressed concerns regarding the lack of publicly available information on the cyber-vulnerabilities associated with these automobiles. The letter (PDF) also asks NHTSA to share details on actions it has taken regarding the cyber-flaws in Internet-connected cars, pointing out that these vehicles could be hacked and even controlled remotely, putting human lives at risk.


2 Instagram’s latest assault on Snapchat is a messaging app called Threads

Facebook is developing a new messaging app called Threads that is meant to promote constant, intimate sharing between users and their closest friends, The Verge has learned. Threads, which is designed as a companion app to Instagram, invites users to automatically share their location, speed, and battery life with friends, along with more typical text, photo, and video messages using Instagram’s creative tools. The app, which is designed for sharing with your “close friends” list on Instagram, is now being tested internally at Facebook.


3 Alex Stamos, Ex-Facebook Security Chief, Blames Journalists for Cambridge Analytica Fallout

A Facebook initiative announced last year designed to generate “independent, credible research about the role of social media in elections” is faltering, BuzzFeed reported this week, citing multiple sources with knowledge of the program and its participants. According to Facebook’s former chief security officer, reporters who covered the company’s Cambridge Analytica scandal are at least partly to blame. Alex Stamos, who oversaw security at Facebook when news first broke about the scandal last year, criticized BuzzFeed and “other outlets” over what he called “unbalanced reporting on privacy,” saying the media coverage of Facebook’s numerous privacy violations has been geared all along toward hampering its ability to share data for legitimate research.


4 Clickjacking scripts found on 613 popular sites, academics say

A team of academics from all over the world has found malicious scripts that intercept user clicks on 613 of today’s most popular websites. The practice, known primarily as clickjacking, has been plaguing the advertising industry for years, with criminal groups taking advantage of it to perform hidden or unwanted clicks on online ads to boost their profits. For years, crooks have relied on malware or automated scripts to generate fake clicks on hidden ads, but in recent years, criminal groups have started migrating to techniques that hijack real user clicks.


5 YouTube says it will now remove ‘violent’ and ‘mature’ videos pretending to be kid-friendly

Earlier this week, YouTube quietly announced a policy change to its treatment of videos targeted toward minors and young children. The video platform says it will now remove all content that contains “violent” or “mature” themes if it is targeted toward kids, either through the title of the video, its description, or the accompanying tags. Going forward, YouTube says this type of content “will no longer be allowed on the platform.” Prior to this change, YouTube was age-restricting such videos, but now it’s going a step further to help clean up the platform and make it a safer place for children amid intense regulatory scrutiny and nonstop criticism of its executive leadership.


6 Google Calendar spam is on the rise. Here’s how to stop the calendar invite spam

Spammers are now crafting new types of email messages that exploit a feature in Google’s email and calendar integration. The feature automatically adds meeting invites to your calendar. The meeting appears as an outline until you accept it, but it is still added to and displayed in your calendar. Clicking on the event description reveals the spam message, which often contains malicious links. The spammers hope you click through to a website, which confirms that your account is active, after which you will start receiving more unsolicited email. A worst-case scenario could land you on a website that tries to trick you into giving up personal information.


7 Protect Against Romance Scams

The Federal Trade Commission (FTC) has released a short video to help users spot and defend against romance scams. In this type of fraud, cyber criminals gain the confidence of their victims and trick them into sending money. The video includes stories that romance scammers tell to online daters to get them to send money and offers tips for avoiding these scams. Use caution when online dating, and never send money or gifts to someone you have not met in person. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users to review FTC’s article on Romance Scams and NCCIC’s tip on Staying Safe on Social Networking Sites.


8 Ex-Google engineer indicted for stealing self-driving car secrets, pleads not guilty

Anthony Levandowski, a pioneer in self-driving car technology, was criminally charged on Tuesday with stealing trade secrets from his former employer Google before joining rival Uber Technologies Inc (UBER.N). The 33-count indictment made public by the U.S. Department of Justice largely mirrors allegations that the Waymo unit of Google parent Alphabet Inc (GOOGL.O), where Levandowski had worked, made in a 2017 civil lawsuit against Uber, which later settled. His lawyers said Levandowski stole nothing, and that they looked forward to proving his innocence at trial. Levandowski, 39, pleaded not guilty to the charges through one of his lawyers, at an arraignment before U.S. Magistrate Judge Nathanael Cousins in San Jose, California.


9 Kaspersky found malware in popular CamScanner app

CamScanner is a very popular phone PDF creator app with more than 100 million downloads on the Google Play Store. Experts from Kaspersky have discovered malware in the free Android version of the CamScanner app that could be used by attackers to remotely hack Android devices and steal targets’ data. Google has already removed the CamScanner app from the official Play Store, and users should uninstall the app from their Android devices immediately. Malware researchers discovered a Trojan Dropper module in the app that could be exploited by remote attackers to download and install malicious payloads without any user interaction. The module was hidden in a third-party advertising library that the app’s author had recently introduced.


10 Imperva Customer Database Exposed

Imperva has announced that the cloud web application firewall product formerly called Incapsula suffered a data exposure that allowed unauthorized access to customer data. The company said that a third party informed it on August 20 of the exposure, which existed through September 15, 2017. According to the notice posted on the CEO’s blog, a subset of Incapsula customers had email addresses, hashed and salted passwords, API keys, and customer-provided SSL certificates exposed. The blog post notes that the company is taking a variety of actions addressing the exposure, from engaging forensics experts and informing affected customers to forcing password rotations.


11 We will hack back if you tamper with our networks, NATO declares to world’s black hats

NATO’s secretary-general has once again declared that members of the alliance will respond with force to cyber-attacks, in line with Article 5 of its founding treaty. Jens Stoltenberg, the North American and western/northern Europe alliance’s main man, wrote in the latest issue of Prospect magazine that “an attack against one ally” would trigger action from every member of the collective-defence grouping. “For NATO, a serious cyberattack could trigger Article 5 of our founding treaty,” wrote the secretary-general. “We have designated cyberspace a domain in which NATO will operate and defend itself as effectively as it does in the air, on land, and at sea. This means we will deter and defend against any aggression towards allies, whether it takes place in the physical world or the virtual one.”