AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 09/28/2023

Valve fails to get out of paying its EU geo-blocking fine

Valve has failed to convince a court that it didn’t infringe EU law by geo-blocking activation keys, according to a new ruling. The company argued that, based on copyright law, publishers had the right to charge different prices for games in different countries. However, the EU General Court confirmed that its geo-blocking actions “infringed EU competition law”and that copyright law didn’t apply.

 

Google quietly corrects previously submitted disclosure for critical webp 0-day

Google has quietly resubmitted a disclosure of a critical code-execution vulnerability affecting thousands of individual apps and software frameworks after its previous submission left readers with the mistaken impression that the threat affected only the Chrome browser. The vulnerability originates in the libwebp code library, which Google created in 2010 for rendering images in webp, a then-new format that resulted in files that were up to 26 percent smaller than PNG images. Libwebp is incorporated into just about every app, operating system, or other code library that renders webp images, most notably the Electron framework used in Chrome and many other apps that run on both desktop and mobile devices.

 

RICO class-action data privacy lawsuit filed against H&R Block, Google, Meta

A trial lawyer who secured a nearly $90 million verdict against Monsanto filed suit against H&R Block on Wednesday, alleging the tax preparation firm collaborated with Meta and Google to embed “spyware” on its website to make money from scraped tax return data. The class-action suit alleges the three companies’ joint conduct should be considered a pattern of racketeering on a “massive scale.” Los Angeles-based R. Brent Wisner, managing partner of Wisner Baum, is filing the suit under the Racketeer Influenced and Corrupt Organizations Act (RICO), which usually applies to organized crime. The firm says it’s the first class-action RICO suit in the H&R Block case.

 

Building automation giant Johnson Controls hit by ransomware attack

Johnson Controls International has suffered what is described as a massive ransomware attack that encrypted many of the company devices, including VMware ESXi servers, impacting the company’s and its subsidiaries’ operations. Johnson Controls is a multinational conglomerate that develops and manufactures industrial control systems, security equipment, air conditioners, and fire safety equipment. The company employs 100,000 people through its corporate operations and subsidiaries, including York, Tyco, Luxaire, Coleman, Ruskin, Grinnel, and Simplex.

 

GitHub repos bombarded by info-stealing commits masked as Dependabot

Hackers are breaching GitHub accounts and inserting malicious code disguised as Dependabot contributions to steal authentication secrets and passwords from developers. The campaign unfolded in July 2023, when researchers discovered unusual commits on hundreds of public and private repositories forged to appear as Dependabot commits. Dependabot is an automated tool provided by GitHub that scans projects for vulnerable dependencies and then automatically issues pull requests to install the updated versions.

 

Google to block Bard conversations from being indexed on Search

Alphabet-owned Google is working on blocking user conversations with its new Bard generative AI assistant from being indexed on its Search platform or showing up as results. “Bard allows people to share chats, if they choose. We also don’t intend for these shared chats to be indexed by Google Search. We’re working on blocking them from being indexed now,” Google’s Search Liaison account posted on Twitter, now X. The internet search giant was responding to an SEO Consultant who pointed out on Twitter that user conversations with Bard were being indexed on Google Search.

 

The anatomy of a Facebook account heist

Jessica Sems was on Facebook at 2 am when hackers struck in a series of attacks. First, she was locked out. Then, her account data — photos, posts, even her name — were all gone. Within a few minutes, the entire profile looked like it belonged to celebrity portrait photographer Jerry Avenaim. Feeling overwhelmed, Sems logged in to Netflix instead, only to realize she’d been locked out of that too. When she called customer support, Netflix said they had no record of her email address being associated with an account, despite her having been a Netflix customer for eight years. She was able to get back on Netflix after chatting with support for an hour, but as of late September, her Facebook account had still not been recovered since the initial hack six months earlier.

Related Posts