AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 09/26/2022

Oracle Cloud admits users could access other customer data

A vulnerability in Oracle Cloud Infrastructure (OCI) could have allowed basically any user to read and write data belonging to any other OCI customer, researchers have claimed. Experts from cloud security firm Wiz said they stumbled upon the vulnerability when building an OCI connector for their own tech stack, discovering that they could attach other people’s virtual disks to their virtual machine instances. The only thing they’d need is that other person’s storage(opens in new tab) volume Oracle Cloud Identifier, and that the other person’s volume supported multi-attachment (or wasn’t already attached). 


San Francisco police can now watch private surveillance cameras in real time

Police in San Francisco got a boost to their surveillance powers this week after the city’s board of supervisors voted on Tuesday to grant the police department access to private surveillance cameras in real time. The vote, which passed 7–4, approved a one-year pilot program that will allow police to monitor footage from private cameras across the city with the camera owners’ consent. The San Francisco Police Department (SFPD) will not have continuous access to the cameras but will be able to tap into the network under certain conditions, such as during the investigation of crimes including misdemeanors and property crimes. The SFPD will also be able to access private camera footage during large-scale public events such as protests, even if there is no suspicion that a crime has taken place.


UK authorities have arrested a teenager linked to GTA VI leak

A Thursday night arrest of a 17-year-old in the UK may have led to the capture of one of the biggest video game-related leakers in recent history. London police forces confirmed their apprehension of an Oxford suspect on a social media channel regularly used for police arrest updates, and it clarified the suspect’s age, a vague charge of “suspicion of hacking,” and that the investigation was coordinated with the UK’s National Crime Agency (NCA) and specifically its National Cyber Crime Unit. That charge was followed hours later by a report from American freelance journalist Matthew Keys alleging that the arrest revolved squarely around the recent theft and distribution of unreleased assets from British video game studio Rockstar North.


Researchers unearth hacking group that’s been active, yet undetected for years

During a recent investigation of a series of cyber intrusions into an unnamed high-value target, threat intelligence researchers with SentinelOne’s SentinelLabs team discovered nearly 10 hacking groups associated with China and Iran. This isn’t necessarily new when dealing with significant targets, sometimes referred to as a “magnet of threats” in cybersecurity, as they attract and host multiple hacking efforts simultaneously. But among the cohabitating groups, researchers unearthed a previously unknown group that seems to be operating in alignment with nation-state interests and perhaps as part of a high-end contractor arrangement.


The deepfake danger: When it wasn’t you on that Zoom call

In August, Patrick Hillman, chief communications officer of blockchain ecosystem Binance, knew something was off when he was scrolling through his full inbox and found six messages from clients about recent video calls with investors in which he had allegedly participated. “Thanks for the investment opportunity,” one of them said. “I have some concerns about your investment advice,” another wrote. Others complained the video quality wasn’t very good, and one even asked outright: “Can you confirm the Zoom call we had on Thursday was you?” With a sinking feeling in his stomach, Hillman realized that someone had deepfaked his image and voice well enough to hold 20-minute “investment” Zoom calls trying to convince his company’s clients to turn over their Bitcoin for scammy investments.

Related Posts