AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 09/16/2021

Ex-U.S. intel operatives admit hacking American networks for UAE

Three former U.S. intelligence operatives who worked as cyber spies for the United Arab Emirates admitted to violating U.S. hacking laws and prohibitions on selling sensitive military technology, under a deal to avoid prosecution announced on Tuesday. The operatives – Marc Baier, Ryan Adams and Daniel Gericke – were part of a clandestine unit named Project Raven, first reported by Reuters, that helped the UAE spy on its enemies. At the behest of the UAE’s monarchy, the Project Raven team hacked into the accounts of human rights activists, journalists and rival governments, Reuters reported. The three men admitted to hacking into computer networks in the United States and exporting sophisticated cyber intrusion tools without gaining required permission from the U.S. government, according to court papers released in U.S. federal court in Washington, D.C., on Tuesday.

Close to half of on-prem databases contain vulnerabilities, with many critical flaws

A five-year study has concluded with a sobering fact for businesses using on-premise servers: close to half contain vulnerabilities that may be ripe for exploitation. Imperva released the results of the study on Tuesday, which analyzed roughly 27,000 databases and their security posture. In total, 46% of on-premises databases worldwide, accounted for in the scan, contained known vulnerabilities. On average, each database contained 26 security flaws, with 56% ranked as a “high” or “critical” severity bug — including code execution vulnerabilities that can be used to hijack an entire database and the information contained within. All it may take, in some cases, is a scan on Shodan to find a target and executing a malicious payload. “This indicates that many organizations are not prioritizing the security of their data and neglecting routine patching exercises,” Imperva says. “Based on Imperva scans, some CVEs have gone unaddressed for three or more years.”

Microsoft wants you to stop using passwords for its apps and services — here’s how

Companies and consortiums have been waging war against passwords through security keys and authenticator apps for years now. Microsoft has taken one more step towards a passwordless future by allowing you to remove the password from your account altogether — so you won’t need it to sign into Windows, your email, or Outlook. The company offers options for alternative sign-in, such as the authenticator app or physical security keys. If you choose to go with those, you can ditch your password entirely. On Windows-based laptops, you can use Windows Hello facial recognition or fingerprint sign-in to get around the hassle of remembering passwords.

Powerful botnet found to be launching some of the biggest DDoS attacks ever

Some of the most powerful DDoS attacks ever detected have been revealed by cybersecurity company StormWall. This specific botnet, which enabled DDoS attacks of up to 2TB/s, sets a new record over the entire life of the internet as we know it so far. Originating from Spain, the botnet, which consisted of 49,000 thousand servers, was openly available to hire online, costing from $2,500 for two days' usage. According to StormWall, most of the detected DDoS attacks were directed at the gaming industry. “The attacks carried out by the new botnet are quite standard and it can launch attacks using the UDP, TCP, and HTTP protocols (at layer seven of the OSI model) with browser emulation,” the company said. “Attacks of such power affect not only the victim but also the entire chain of its providers and can cause problems with access to the Internet at the same time for hundreds of thousands of users and online resources.”

DoorDash sues to stop New York data-sharing measure

DoorDash on Wednesday sued New York City over a measure requiring it and meal delivery rivals to share customer data with restaurants. DoorDash contended that the bill, yet to be signed into law by the mayor of the city, opens the door for names, addresses, telephone numbers and email addresses to be misused or poorly guarded by eateries. “This bill threatens the safety and privacy of New York City consumers,” DoorDash said in a post. “We remain committed to fighting on their behalf to keep this harmful, first-of-its-kind legislation from taking effect.” Backers of the legislation say it is meant to help restaurants that have suffered due to the pandemic better connect with customers who use meal delivery services.
