Our website may use cookies to improve and personalize your experience and to display advertisements (if any). Our website may also include cookies from third parties like Google Adsense or Google Analytics. By using the website, you consent to the use of cookies. We’ve updated our Privacy Policy. Please click on the button to check our Privacy Policy.

AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 09/29/2020

Federal Judge Temporarily Blocks Trump’s TikTok Ban

A federal judge Sunday granted TikTok’s request for a temporary injunction to block the Trump administration’s order that would have banned the Chinese social media app from the U.S. starting Monday. Judge Carl Nichols of the U.S. District Court for the District of Columbia issued his decision Sunday – a few hours before the Trump administration’s ban would have forced Apple and Google to remove the TikTok video-sharing app from their online stores. The ban would have meant that new users would have no longer been able to download the app to their devices and that current users would not have been able to access updates.

 

Pastebin adds ‘Burn After Read’ and ‘Password Protected Pastes’ to the dismay of the infosec community

Pastebin, the most popular website where users can share small snippets of text, has added two new features today that cyber-security researchers believe are going to be widely and wildly abused by malware operators. Named “Burn After Read” and “Password Protected Pastes,” the two new features allow Pastebin users to create pastes (pieces of text) that expire after a single read or pastes that are protected by a password. None of the two features are original, as they have been present on many paste sites for years. However, they are new to Pastebin, which is, by far, today’s most popular pastes portal, being ranked in the Alexa Top 2,000 most popular sites on the internet.

 

Calls Grow to Restore White House Cybersecurity Leader Role

The U.S. Government Accountability Office is urging Congress to pass legislation to reestablish a White House cybersecurity coordinator role. The position would coordinate the government’s response to online attacks and other cybersecurity challenges facing the nation. In a new report, “Clarity of Leadership Urgently Needed to Fully Implement the National Strategy,” the federal watchdog recommends that Congress consider legislation to designate a leadership position in the White House and give it the authority to implement and encourage action in support of the nation’s cybersecurity. “Cyberattacks are one of the top threats to our nation’s critical infrastructure, safety, and economic security,” says Maloney, who has been driving legislation to recreate the position. “According to GAO, the White House lacks clear leadership in implementing the nation’s cybersecurity strategy, particularly in light of the administration’s elimination of the White House Cybersecurity Coordinator position in May 2018.”

 

Ryuk ransomware causes chaos in giant UHS hospital network

Ransomware might not be new to our ears but, save for some high-profile cases like Garmin’s last July, most of the news revolved around companies or unwitting individuals being hit by the malware. Those, however, have never been the only targets and things take an even worse turn when health care facilities become the victims. Such was the case last Sunday when Universal Health Services, one of the largest hospital networks operating in the US, had to resort to pen and paper after several facilities’ computer systems shut down and refused to start up due to a ransomware attack. In the middle of the night on Sunday, UHS hospitals across the country abruptly shutdown. UHS confirmed it has an IT security issue that forced it to take its computer networks offline but didn’t confirm or deny that it was related to ransomware. Employee testimonies, however, pointed to how files were being renamed with the “.ryk” extension that has been associated with the Ryuk ransomware.

 

Global Microsoft outage brings down Teams, Office 365 and Outlook

Microsoft has said it is investigating an outage that brought down Microsoft’s cloud-based office services including the meetings software, Teams, worldwide. Microsoft reported issues with authentication for its cloud services at around 9.25pm UTC, meaning people were having issues logging into the online services Teams, Outlook and Office.

On Twitter, the company blamed a recent update to the service for causing the outage, and said the update would be rolled back to mitigate issues. At 3am UTC, Microsoft reported the services were mostly restored, but small subset of customers in North America and Asia Pacific were still unable to access services. The outage had affected services worldwide.

 

Amazon One lets you pay at stores with the palm of your hand

The palm is the new fingerprint. Amazon One, a new service from Amazon, is a novel way of contactless payment that scans your palm for authentication. Besides payments, it could be used for anything that requires authentication, like entering a stadium or presenting a loyalty card. For starters, though, Amazon will introduce it in select Amazon Go stores, adding Amazon One to the stores’ entry gates. To start using Amazon One, you’ll have to go through an onboarding process which consists of inserting your credit card into the Amazon One device, then hovering your palm above it, and following the instructions as the device builds your unique palm signature. Once you’ve signed up, you’ll be able to enter Amazon Go stores just by holding your palm over the device “for a second or so,” Amazon says. 

Related Posts