AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 1/6/2022

US Police Warn of Parking Meters with Phishing QR Codes

In a hurry to park your car? Don’t want to fumble around in your pocket to find cash for the parking meter, and don’t have the correct payment app installed on your phone? Well, think carefully before rushing to scan the payment QR code stuck on the side of the meter – it may well be an attempt by fraudsters to phish your financial information. Police are warning that they have discovered bogus QR codes stuck onto public parking meters across Austin, Texas – a city where parking meters don’t display QR codes, and only accept payment via coins, cards or a smartphone app. So what happens if visitors to the city, or those in a rush who are not suspicious, simply scan the bogus QR code without thinking?


Norton Anti-Virus can now hijack your computer for cryptomining

The popular anti-virus software company Norton recently “added” a new “feature” which will “allow” the company to use your computer to mine for the Ethereum cryptocurrency whenever you’re not using it. Yes, that’s right: the anti-virus software wants you to let them remotely control your computer. But wait! There’s more! Norton Crypto is included as part of Norton 360 subscriptions. However, there are coin mining fees as well as transaction costs to transfer Ethereum. The coin mining fee is currently 15% of the crypto allocated to the miner. Transfers of cryptocurrencies may result in transaction fees (also known as “gas” fees) paid to the users of the cryptocurrency blockchain network who process the transaction. In addition, if you choose to exchange crypto for another currency, you may be required to pay fees to an exchange facilitating the transaction. Transaction fees fluctuate due to cryptocurrency market conditions and other factors. These fees are not set by Norton.


Spot and Stop Messaging Attacks

Smishing (a portmanteau word combining SMS and phishing) is an attack in which cyber attackers use SMS, texting, or similar messaging technologies to trick you into taking an action you should not take. Perhaps they fool you into providing your credit card details, get you to call a phone number to get your banking information, or convince you to fill out an online survey to harvest your personal information. Just like in email phishing attacks, cyber criminals often play on your emotions to get you to act by creating a sense of urgency or curiosity, for example. However, what makes messaging attacks so dangerous is that there is far less information and fewer clues in a text than there are in an email, making it much harder for you to detect that something is wrong.


France hits Google, Facebook with huge fines over ‘cookies’

French regulators have hit Google and Facebook with 210 million euros ($237 million) in fines over their use of “cookies”, the data used to track users online, authorities said Thursday. US tech giants, including the likes of Apple and Amazon, have come under growing pressure over their business practices across Europe, where they have faced massive fines and plans to impose far-reaching EU rules on how they operate. The 150-million-euro fine imposed on Google was a record by France’s National Commission for Information Technology and Freedom (CNIL), beating a previous cookie-related fine of 100 million euros against the company in December 2020. Facebook was handed a 60-million-euro fine.


Emergency Windows Server update fixes Remote Desktop issues

Microsoft has released an emergency out-of-band update to address a Windows Server bug leading to Remote Desktop connection and performance issues. “Microsoft is releasing Out-of-band (OOB) updates today, January 4, 2022, to resolve issues in which Windows Server might experience a black screen, slow sign in, or general slowness,” the company explains. “You might also be unable to use Remote Desktop to reach the server. In some circumstances, the server might stop responding.” Affected platforms include Windows Server 2022, Windows Server 2019, Windows Server 2016, and Windows Server 2012 R2. The updates that address this issue are not available from Windows Update and will not install automatically on affected systems.


iOS malware can fake iPhone shut downs to snoop on camera, microphone

Researchers have developed a new technique that fakes a shutdown or reboot of iPhones, preventing malware from being removed and allowing hackers to secretly snoop on microphones and receive sensitive data via a live network connection. Historically, when malware infects an iOS device, it can be removed simply by restarting the device, which clears the malware from memory. However, this technique hooks the shutdown and reboot routines to prevent them from ever happening, allowing malware to achieve persistence as the device is never actually turned off. Because this attack, which the researchers call “NoReboot,” does not exploit any flaws in iOS and instead relies on human-level deception, it cannot be patched by Apple.
