AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 1/8/2020

1 – Cybercriminals Fill Up on Gas Pump Transaction Scams Ahead of Oct. Deadline

Gas stations are gearing up for a major change in credit-card fraud liability in October, when they will find themselves on the hook for card-skimming attacks at the pump. In the meantime though, cybercriminals will be targeting pay-at-the-pump point-of-sale mechanisms with a vengeance, researchers say. Fuel pumps represent a last bastion of non-encrypted transactions. Unlike when customers pay inside, the pump mechanism doesn’t require a chip-and-PIN or chip-and-signature scheme, which have built-in encryption and can thwart most amateur card-skimming efforts. Instead, swiping one’s card and using the magnetic strip is the norm.


2 – What OPSEC? Member of “thedarkoverlord” allegedly used his personal details to set up hacking and extortion-related accounts.

In what seems like a mind-boggling OPSEC #FAIL, a U.K. man associated with thedarkoverlord allegedly used his real details to create bank accounts as well as to open email accounts, phone numbers, VPN, Twitter, and PayPal accounts that thedarkoverlord used as part of its operations to hack and extort victims. For a group that signed their pastes and extortion demands as a “Professional Adversary,” the revelations should be embarrassing, to say the least. But embarrassment may be the least of their problems. Now that Nathan Wyatt is in custody in the U.S. awaiting trial for his alleged role, will he roll on others to get himself a deal?


3 – Tired of hearing about Wi-Fi 6? Great, let’s talk about Wi-Fi 6E

On Friday, the Wi-Fi Alliance announced a new branding for the expansion of Wi-Fi into an additional 1200MHz of unlicensed spectrum. Dubbed “Wi-Fi 6E,” the new spectrum should be made available for general Wi-Fi device use shortly; the US Federal Communications Commission proposed expansion of Wi-Fi into 6GHz spectrum in October 2018, and FCC chairman and novelty-coffee-mug aficionado Ajit Pai expressed a desire for the agency to “move quickly” (no concrete decision timeline was given) in opening up the spectrum to Wi-Fi at the Americas Spectrum Management Conference in September 2019.


4 – SpaceX successfully launches 60 more satellites for its Starlink broadband internet constellation

SpaceX successfully launched its third batch of 60 Starlink satellites – the second designated ‘production’ hardware, after launching an initial group of 60 early in 2019 to test the technology. This group launched aboard a Falcon 9 with a first stage booster that has already seen service in three previous missions, including two in 2019, one of which was the first bulk Starlink mission in May 2019. This launch took off from Cape Canaveral Air Force Station in Florida, and delivered the satellites to an orbit 290 km (around 180 miles) above Earth, and then the satellites will perform diagnostics to ensure they’re in proper working order before moving to their final target orbits using their own onboard thrusters.


5 – Brit banking sector hasn’t gone a single day of 2020 without something breaking

It appears the UK banking system is playing a fiscal game of Top Trumps as both Yorkshire and Clydesdale Bank followed yesterday’s example set by Lloyds by not processing payments into customer accounts. Problems followed a similar pattern as customers checked their accounts this morning to find expected payments not turning up. Minor stuff like, er, salaries, that sort of thing. The wailing kicked off from 6am local time, reaching a crescendo three hours later as customers hit refresh and refresh once more, but their expected payments continued to be absent.


6 – Twitter bots and trolls promote conspiracy theories about Australian bushfires

As Australia continues to battle bushfires of unprecedented size and ferocity, a social media disinformation campaign is pushing false conspiracy theories about their cause. Tweets with the hashtag #ArsonEmergency are coming from a “much higher” proportion of bot-like or troll-like accounts than those with more general bushfire-related hashtags such as #BushfireAustralia or #AustraliaFire, according to initial analysis by Dr Timothy Graham from the Queensland University of Technology (QUT). Graham came to look at #ArsonEmergency because it was being used by some of the more suspicious-looking individual Twitter accounts he’d been tracking.


7 – Task force formed to probe source of mysterious drones over Colorado

The night-time drone flights over parts of rural Colorado and Nebraska that have baffled investigators will now be the subject of a multi-agency task force, federal and state authorities announced on Monday. The drones, or unmanned aircraft systems, have been sighted in northeast Colorado and southwest Nebraska over the past three weeks, tending to appear after sundown and fly in formation in a grid pattern over the remote areas. They have been sighted mostly over Colorado.


8 – Texas government website defaced with pro-Iran message

The website of the Texas Department of Agriculture was briefly defaced Tuesday morning, its usual contents replaced with an image of Qassem Soleimani, the Iranian general who was killed last week in a U.S. airstrike. A group of hackers referring to themselves as “Shield Iran” claimed credit. While the department’s site has since been restored, the defacement is similar to other attacks on U.S.-based websites in the days following President Donald Trump’s order to kill Soleimani, who commanded Iran’s Quds Force. Over the weekend, a website belonging to the U.S. Government Publishing Office was defaced with a similar message. The website of the Southern Alabama Veterans Council, a nonprofit group, was also targeted on Tuesday.


9 – DHS tells U.S. organizations to clamp down on cybersecurity in wake of Soleimani killing

The Department of Homeland Security on Monday issued guidance to U.S. companies and government agencies on securing their computer networks following the killing last week of a top Iranian general. The advisory from DHS’s Cybersecurity and Infrastructure Security Agency acknowledges the considerable capabilities at Iran’s disposal should the Islamic Republic choose to retaliate in cyberspace, and urges organizations to consider whether they make an attractive target for Tehran’s hackers.


10 – Fake Windows 10 Desktop Used in New Police Browser Lock Scam

Scammers have taken an old browser scam and invigorated it using a clever and new tactic that takes advantage of your web browser’s full-screen mode to show a fake Windows 10 desktop stating your computer is locked. This type of scam is called a police browser locker, which pretends to be law enforcement locking your browser due to illegal activity. These scams then state that if you pay a fine via a credit card, it will unlock your computer so you can use it again. These types of scams are normally easy to detect as they utilize fake and suspicious URLs and allow you to use other apps on your computer even if the browser is locked.
