AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 09/04/2020

Verizon spends big in FCC auction ahead of mid-band 5G launch

Verizon (Engadget’s parent company) was the biggest winner in the FCC’s recently concluded auction for licenses in the 3.5 GHz band. In its announcement, the commission has revealed that Verizon placed $1.89 billion in winning bids, followed by Dish Network (under the name Wetterhorn Wireless) with total winning bids worth $912 million. The FCC started auctioning off 70 megahertz of Priority Access Licenses in a band that’s seen as key to widespread 5G and Internet of Things deployment back in July. When the agency announced (PDF) the auction’s conclusion last month, FCC Chairman Ajit Pai said it was a key part of the commission’s 5G FAST Plan and its “ongoing push to make more mid-band spectrum available for 5G.” In all, the auction reached $4.6 billion in winning bids, not just from Verizon and Dish, but also from a number of cable operators. As the Wall Street Journal notes, their participation suggests that they’re planning to offer more mobile services or that they’re working to break free from running their services on Verizon’s network.


Court rules NSA phone snooping illegal — after 7-year delay

The National Security Agency program that swept up details on billions of Americans’ phone calls was illegal and possibly unconstitutional, a federal appeals court ruled Wednesday. However, the unanimous three-judge panel of the 9th Circuit Court of Appeals said the role the so-called telephone metadata program played in a criminal terror-fundraising case against four Somali immigrants was so minor that it did not undermine their convictions. The long-awaited decision is a victory for prosecutors, but some language in the court’s opinion could be viewed as a rebuke of sorts to officials who defended the snooping by pointing to the case involving Basaaly Moalin and three other men found guilty by a San Diego jury in 2013 on charges of fundraising for Al-Shabaab.


Russia’s IRA used phony news accounts on Facebook to discuss QAnon, coronavirus

Russia’s troll farm again is trying to use Facebook to inflame divisions in the U.S. ahead of a presidential election. Facebook on Tuesday said it removed 13 accounts and two pages, which had 14,000 followers, affiliated with the Internet Research Agency, a Russian organization with a long history of using fake social media accounts to exploit political tension. The accounts impersonated independent news outlets to create discussions about the coronavirus pandemic, Joe Biden’s political candidacy and the right-wing conspiracy QAnon, among other topics. In some cases, IRA members posed as news editors to recruit freelance journalists to post content about contentious political topics.


Slack users unwittingly phished with malicious payloads

Since late June, the platform’s file storage domain – slack-files.com – appeared to pop up with far more regularity on the Phish Alert Button, leading KnowBe4 researchers to surmise that Slack users using the referral URL domain, slack-redir.net, are being duped with malicious payloads, raising concerns. And if an attacker can penetrate an organization and take over an employee’s Slack account, it is an ideal medium to move laterally within the organization. While COVID-19 ushered in a work-from-home mentality in March that put Zoom at center stage for visual communications, online collaboration-focused platforms like Slack also became critical cogs in most organizations’ new remote workflow. In this latest scheme, actors are injecting malicious messages within phishing attacks that might appear legitimate to users, because the brand name is recognizable, according to a KnowBe4 blog post that illustrates the campaign through a series of screenshots.


Apple fires shot at Google in new privacy ad

The one-minute ad features a number of scenarios showcasing how Apple says it keeps users’ data safe.  There’s a man who tells everyone on a bus that he browsed for eight divorce attorneys last night, a woman having a conversation with her friend at work saying that she hates one of her coworkers, another woman telling a waitress that she purchased a pregnancy test, and a man who continuously shouts his heart rate. The thrust of the ad is that Apple’s technology keeps all of that data safe, while competitors’ don’t. Tech giants like Google may not exactly be sharing your information with the world in the same way Apple seems to say they do, but Apple is keen on making it clear that it doesn’t harvest user data to sell advertisements, and instead leans on its own hardware and services.

Related Posts