Our website may use cookies to improve and personalize your experience and to display advertisements (if any). Our website may also include cookies from third parties like Google Adsense or Google Analytics. By using the website, you consent to the use of cookies. We’ve updated our Privacy Policy. Please click on the button to check our Privacy Policy.

AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 10/01/2020

Cyberattack could trigger Article 5 response, NATO deputy secretary warns

NATO is adapting to security threats in cyberspace despite vulnerabilities exploited in the COVID-19 pandemic, Deputy Secretary Mircea Geoana said on Monday. He noted that NATO will establish a Cyberspace Operations Center as a part of its command structure, adding that a military cyber attack on a country qualifies as a cause for all NATO nations to come to its aid. “We agreed that a cyberattack could trigger Article 5 of our founding treaty, where an attack against one ally is treated as an attack against all,” Geoana told a virtual conference of CYBERSEC, an annual public policy conference sponsored by the Kosciusko Institute of Krakow, Poland. The collective defense statute in the NATO charter is generally interpreted as recognition of an armed attack on a NATO member, leading to all members’ involvement in its defense.

 

PSA: No, iOS 14 widgets can’t secretly steal private info with your keyboard

A conspiracy theory being spread on Facebook and other social media platforms this week claims that iOS 14 widgets are actually serving as key loggers, tracking everything you type on your iPhone. This is unequivocally not true, and there are technical limitations and protections in place that prevent widgets from accessing your data. The viral post on Facebook has been screenshotted and shared to other social media platforms. On Twitter, a tweet with a screenshot of the original Facebook post has over 7,000 retweets and 8,000 likes. Screenshots have also gone viral on Instagram. The Facebook post comes from an iPhone user who claims to have noticed that their “keyboard would lag and wouldn’t show the characters” as they were being typed, as well as other issues like app crashes and generally laggy performance. The Facebook post also cites the security code autofill feature of iOS as evidence the app is tracking what they type.

 

DOJ reportedly set to sue Google for abusing its search and ad dominance

The lawsuit apparently accuses the search giant of impeding competition by preventing competitors like Microsoft’s Bing from accessing data about users and user preferences that they need to improve their search engines and advertising platforms. Additionally, the Justice Department is also looking into Google’s “search advertising,” ads that are shown under the search box when someone looks up a consumer product. Google not only has full control over the sale of the space under search results, but also the tools that are required to make ad sales. The Justice Department is said to have urged state attorneys general to sign onto the lawsuit. It is worth noting that many of them are already investigating Google’s other businesses for antitrust violations.

 

GitHub can actively look for security holes in your code

GitHub, the Microsoft-owned code repository, has announced something that will hopefully make all our software much more secure. The platform has, after several months of testing, now launched code scanning, a system that will read through software looking for security holes. As the code is created, the system will now scan through it, highlighting areas that could be exploited in future. The hope is that, by catching errors ahead of time, the number of security incidents we all face could be reduced. So far, GitHub has scanned 12,000 repositories 1.4 million times, with the company’s Justin Hutchings saying that it’s caught 20,000 security issues.

 

Facebook’s latest integrations with Instagram could make it harder for regulators to break up the company

In January 2019, Mike Isaac reported a noteworthy development about Facebook at the New York Times. In the months to come, he said, Facebook would unify the technical infrastructure powering Facebook, Instagram, and WhatsApp. To the user, these changes would be invisible. But to Facebook itself, there were clear strategic imperatives to merge the apps. Among them: the move came just as the US government was beginning to consider an effort to break the company up. In the nearly two years since, the government’s effort has accelerated. On September 15th, the Wall Street Journal reported that an antitrust case against the company could come by the end of the year. But Facebook’s effort to puree its family of apps into a single software smoothie on the back end has picked up as well. And there have been two significant developments on that front this week.

 

Senator asks DHS if foreign-controlled browser extensions threaten the US

A US senator is calling on the Department of Homeland Security’s cybersecurity arm to assess the threat posed by browser extensions made in countries known to conduct espionage against the US. “I am concerned that the use by millions of Americans of foreign-controlled browser extensions could threaten US national security,” Senator Ron Wyden, a Democrat from Oregon, wrote in a letter to Christopher Krebs, director of the DHS’ Cybersecurity and Infrastructure Security Agency. “I am concerned that these browser extensions could enable foreign governments to conduct surveillance of Americans.” Also known as plugins and add-ons, extensions give browsers functionality not otherwise available. Ad blockers, language translators, HTTPS enforcers, grammar checkers, and cursor enhancers are just a few examples of legitimate extensions that can be downloaded either from browser-operated repositories or third-party websites. Unfortunately, there’s a darker side to extensions. Their pervasiveness and their opaqueness make them a perfect vessel for stashing software that logs sites users visit, steals passwords they enter, and acts as a backdoor that funnels data between users and attacker-controlled servers.

Related Posts