AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 1/30/2020

1 – Hackers stole $13,103.91 from me. Learn from my mistakes.

It began with dumplings. When I got an email at midnight last March from Grubhub notifying me that my order from Dumpling Depot was on its way to an address 3,000 miles away from my location in New York City, I thought there must have been some mistake. And there was: mine. Because I didn’t take a few basic internet security precautions, hackers robbed me of $13,103.91 worth of cash and prizes from three of my accounts over the next six months. And while this doesn’t make me, your Recode data privacy reporter, look very smart, I’m sharing my story with you in the hope that it will help you avoid a similar fate.


2 – Chinese Coronavirus Slows Down New Apple iPhone Manufacturing

It’s literally still only the first month of the new decade and we’ve already been threatened by both another world war and a deadly virus. Gotta check all the bases for global destruction. A new coronavirus has already escaped its origins in Wuhan, China and has spread throughout the globe, including to America. Fatalities are thankfully limited so far to just a fraction of the thousands infected, but world governments are still scrambling to get the SARS-adjacent situation under control. In China specifically that means quarantining highly infected areas. And since these areas overlap with major manufacturing facilities, tech companies set to launch new products are potentially about to feel the pinch.


3 – How a $300 projector can fool Tesla’s Autopilot

Six months ago, Ben Nassi, a PhD student at Ben-Gurion University advised by Professor Yuval Elovici, carried off a set of successful spoofing attacks against a Mobileye 630 Pro Driver Assist System using inexpensive drones and battery-powered projectors. Since then, he has expanded the technique to experiment—also successfully—with confusing a Tesla Model X and will be presenting his findings at the Cybertech Israel conference in Tel Aviv. The spoofing attacks largely rely on the difference between human and AI image recognition. For the most part, the images Nassi and his team projected to troll the Tesla would not fool a typical human driver—in fact, some of the spoofing attacks were nearly steganographic, relying on the differences in perception not only to make spoofing attempts successful but also to hide them from human observers.


4 – Facial recognition firm sued for scraping 3 billion faceprints

New York facial recognition startup Clearview AI – which has amassed a huge database of more than three billion images scraped from employment sites, news sites, educational sites, and social networks including Facebook, YouTube, Twitter, Instagram and Venmo – is being sued in a potential class action lawsuit that claims the company gobbled up photos out of “pure greed” to sell to law enforcement. The complaint (posted courtesy of ZDNet) was filed in Illinois, which has the nation’s strictest biometrics privacy law – the Biometric Information Privacy Act (BIPA). The suit against Clearview was just one chunk of shrapnel that flew after the New York Times published an exposé about how Clearview has been quietly selling access to faceprints and facial recognition software to law enforcement agencies across the US, claiming that it can identify a person based on a single photo, revealing their real name and far more.


5 – Facebook Clarifies Reports Of In-House ‘FaceID’ For Messenger

Facebook has addressed speculation that it was exploring options for its own variant of “FaceID” for its Messenger application, saying it was not accurate. The speculation began when what appeared to be in-development technology was uncovered by Jane Manchun and shared on Twitter. This led to a debate as to whether the biometric information would be stored on Facebook’s servers or held solely on the device. Neither will be the case. Facebook has confirmed that any plans to add a biometric security layer to Messenger will use on-device security and the company does not plan to launch a version of its own. “For these types of privacy features,” a spokesperson told me, “we would use the Face ID settings on the device, not our own version.”


6 – The US Army uses facial recognition to train AI. Now, it needs to protect it

The US Army has announced the development of software designed to prevent the compromise of facial recognition technology in military applications.  A team from Duke University, led by electrical and computer engineering faculty members Dr. Helen Li and Dr. Yiran Chen, have created a system which, it is hoped, will be able to mitigate cyberattacks against the military’s facial recognition applications.  Facial and object recognition technologies are used by the US Army to train artificial intelligence (AI) systems used in unmanned aerial vehicles (UAVs), surveillance systems, and more. 


7 – US colleges are trying to install location tracking apps on students’ phones

Barely over a year ago, we pointed out how dystopian it seemed when Chinese schools added “smart uniforms” to track their students’ attendance. But US colleges are already testing out a similar tactic with a location tracking app, which students are now apparently expected to install on their phones. I say “apparently” because there’s some confusion over whether the schools are actually forcing this on their students. The Kansas City Star reported that at the University of Missouri, new students “won’t be given a choice” of whether to install the SpotterEDU app, which uses Apple’s iBeacons to broadcast a Bluetooth signal that can help the phone figure out whether a student is actually in a room.


8 – Vietnam carrier develops native 5G tech to lock out Huawei

Leading Vietnamese wireless carrier Viettel has developed its own 5G equipment, enabling the company to bypass the fifth-generation communications devices supplied by China’s Huawei Technologies. Viettel becomes the sixth global player to develop 5G equipment, the company said recently, putting it on the same plane with the likes of Sweden’s Ericsson and Finland’s Nokia. The carrier, fully owned by Vietnam’s Defense Ministry, plans to start mass production of hardware and software in mid-2021. Viettel looks to roll out commercial 5G services in June in large cities, initially adopting Nokia equipment for the high-speed network.



Content moderators for YouTube are being ordered to sign a document acknowledging that performing the job can cause post-traumatic stress disorder (PTSD), according to interviews with employees and documents obtained by The Verge. Accenture, which operates a moderation site for YouTube in Austin, Texas, distributed the document to workers on December 20th — four days after The Verge published an investigation into PTSD among workers at the facility. “I understand the content I will be reviewing may be disturbing,” reads the document, which is titled “Acknowledgement” and was distributed to employees using DocuSign. “It is possible that reviewing such content may impact my mental health, and it could even lead to Post Traumatic Stress Disorder (PTSD). I will take full advantage of the weCare program and seek additional mental health services if needed. I will tell my supervisor/or my HR People Adviser if I believe that the work is negatively affecting my mental health.”


10 – Major Canadian Military Contractor Compromised in Ransomware Attack

A Canadian construction company that won military and government contracts worth millions of dollars has suffered a ransomware attack.  General contractor Bird Construction, which is based in Toronto, was allegedly targeted by cyber-threat group MAZE in December 2019. MAZE claims to have stolen 60 GB of data from the company, which landed 48 contracts worth $406m with Canada’s Department of National Defense between 2006 and 2015. In an email to the Canadian Broadcasting Corporation (CBC), a Bird Construction company spokesperson wrote: “Bird Construction responded to a cyber incident that resulted in the encryption of company files. Bird continued to function with no business impact, and we worked with leading cyber security experts to restore access to the affected files.”


11 – Cyber defense game brings together security experts, special forces and more as military prepares for warfare 2.0

Last weekend, over 120 cyber experts from 26 nations came together in Riga, Latvia, to plan and execute a joint defense operation after military forces from the state of Crimsonia were deployed to attack the nation of Berylia. The goal? To disable the air defense system of the occupying forces. The means? In the style of modern warfare, a mix of cyber and material tools. The reason that the offensive did not make headlines, however, is that it was a fictitious attack. The made-up plot was in fact a red-team exercise staged by the Cooperative Cyber Defense Centre of Excellence (CCDCOE), a NATO-accredited cyber-defense hub, and Latvian IT security organization CERT.LV, in an effort to make experts around the world better at defending national IT systems.


12 – Plague Inc. maker: Don’t use our game for coronavirus modeling

Interest in the continued spread of the coronavirus has had an unintended side effect for UK-based Ndemic Creations, makers of Plague Inc. The eight-year-old game—which asks players to shepherd a worldwide pandemic so it can destroy all of humanity—has seen a spike in popularity in recent weeks, becoming the most-downloaded iPhone app in China on January 21 and in the United States on January 23, according to tracking firm App Annie. The surge in interest has led Ndemic to issue a statement urging players not to rely on the app for information on staying safe from the coronavirus’ current spread. “Please remember that Plague Inc. is a game, not a scientific model and that the current coronavirus outbreak is a very real situation which is impacting a huge number of people,” the statement reads, in part. “We would always recommend that players get their information directly from local and global health authorities.”


13 – Qualcomm Antitrust Case Raises Far-Reaching National Security Concerns

On February 13, the U.S. Court of Appeals for the Ninth Circuit will begin hearing oral arguments in a case that could potentially enable China to surpass the U.S. in cutting-edge communications technology. If the ruling of a lower court against San Diego-based Qualcomm in an antitrust case brought by the Federal Trade Commission is upheld, America’s leading source of 5G chip technology would be forced to share its intellectual property with overseas competitors such as Huawei at concessionary prices. Legal scholars and security experts are in an uproar over potential fallout from the case. Judge Lucy Koh of the Federal District Court found last year that Qualcomm had engaged in anti-competitive practices, due to the way it licenses patents on modem technology for smart phones. She objected specifically to how it priced its licenses, and who it was willing to provide those licenses to. Like other chip companies in the same market, Qualcomm typically licenses its technology to device makers but not to direct competitors.


14 – Russian Cybercrime Boss Burkov Pleads Guilty

Aleksei Burkov, an ultra-connected Russian hacker once described as “an asset of supreme importance” to Moscow, has pleaded guilty in a U.S. court to running a site that sold stolen payment card data and to administering a highly secretive crime forum that counted among its members some of the most elite Russian cybercrooks. Burkov, 29, admitted to running CardPlanet, a site that sold more than 150,000 stolen credit card accounts, and to being the founder and administrator of DirectConnection — a closely guarded underground community that attracted some of the world’s most-wanted Russian hackers. He pleaded guilty last week in a Virginia court to access device fraud and conspiracy to commit computer intrusion, identity theft, wire fraud and money laundering.


15 – Lawmakers warn US, UK intel sharing at risk after Huawei decision

Lawmakers on Tuesday blasted the British government’s decision to allow controversial Chinese telecom firm Huawei to help build its 5G networks, warning that the decision could threaten the long-standing intelligence sharing agreement between the United States and United Kingdom. “Here’s the sad truth: our special relationship is less special now that the U.K. has embraced the surveillance state commies at Huawei,” Sen. Ben Sasse (R-Neb.), a member of the Senate Intelligence Committee, said in a statement. “The Chinese Communist Party has infected Five Eyes with Huawei,” he added, referring to the intelligence sharing agreement which includes the U.S. and U.K., “right at a time when the U.S. and U.K. must be unified in order to meet the global security challenges of China’s resurgence.”


16 – Emotet Uses Coronavirus Scare to Infect Japanese Targets

A malspam campaign is actively distributing Emotet payloads via emails that warn the targets of coronavirus infection reports in various prefectures from Japan, including Gifu, Osaka, and Tottori. To scare the potential victims into opening malicious attachments, the spam emails — camouflaged as official notifications from disability welfare service provider and public health centers — promise to provide more details on preventative measures against coronavirus infections within the attachments. The Emotet gang is known for taking advantage of trending current events and approaching holidays by sending out targeted custom templates, such as invites to a Greta Thunberg Demonstration or to Christmas and Halloween parties.
