AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 10/06/2020

SunCrypt ransomware group swears off medical entities, sets sights on cybersecurity firms

When the SunCrypt ransomware group opened a leak site where they listed victims who had not paid their ransom demands, they attracted public attention and demonstrated their ability to use the media to their advantage. In following up on their previously disclosed victims and leaks, DataBreaches.net noticed that a medical entity that had been listed on SunCrypt’s site no longer appeared on it. Knowing that the threat actors probably would not say why the victim’s name had been removed, DataBreaches.net sent them an inquiry anyway. Their response was somewhat surprising. Although they wouldn’t comment on the medical entity at all, when asked if they would consider not attacking medical entities going forward, their spokesperson immediately responded, “Already done.” And they wanted us to know that even when they had attacked a medical entity in the past, they had carefully avoided ever locking up life support systems or interfering with any hospital operations.


Instagram Stops Trying To Be Nice With Its Latest Anti-Bullying Features

Online harassment and cyberbullying are getting out of control. We’ve seen so many lives needlessly lost as people commit suicide as a result of non-stop harassment from their peers or strangers online. This is why social media platforms like Instagram have taken steps to ensure that this does not happen, or at least to reduce its occurrence. In its latest effort to curb online bullying, Instagram is expanding its anti-bullying mechanism: it will now warn users that repeated actions could result in their accounts getting deleted. Prior to this, Instagram actually tried to be nicer about it by warning users that comments containing certain keywords or phrases could be viewed as not being very nice. The company hopes that encouraging users to think twice before posting a nasty comment will keep them from posting it.


Apple T2 security chip might have an unpatchable security flaw

The Apple T2 chip performs many tasks designed to take the burden and the security risk away from the main Intel CPUs. Those include not just encryption or firmware integrity checks but even audio processing and I/O handling, the latter for monitoring the keyboard. This T2 chip will also be the requirement for Netflix 4K streaming on macOS Big Sur due to its ability to meet Netflix’s DRM requirements. Unfortunately, the T2 chip is based on Apple’s A10 processor used for the likes of the iPhone X and is apparently susceptible to the same jailbreaking exploit checkm8. This vulnerability can hijack the boot process of the T2’s SepOS mini operating system to try to gain access to the hardware. Thanks to another vulnerability, the chip’s defenses against trying to perform decryption processes during a Device Firmware Update (DFU) can be bypassed, leaving it open for hackers to do what they want. The slightly good news is that it requires a special cable and physical access to Macs to make this work.



Antivirus software entrepreneur John McAfee has been charged with evading taxes after failing to report income made from promoting cryptocurrencies while he did consulting work, made speaking engagements and sold the rights to his life story for a documentary, prosecutors in Tennessee said Monday. A June indictment charging McAfee with tax evasion and willful failure to file tax returns was unsealed in federal court in Memphis on Monday after McAfee’s arrest in Spain, where extradition to the U.S. is pending, the U.S. attorney’s office said in a news release. Online court records do not show whether McAfee has a lawyer to speak on his behalf about the charges.


In Google/Oracle case, Supreme Court will weigh software’s future

Oracle and Google will have their day at the Supreme Court Wednesday, tangling via teleconference in oral arguments aimed at resolving a decade-long battle over whether common interfaces between software programs can be protected by copyright. When Google developed the Android smartphone operating system more than a decade ago, it tapped Java code that is now owned by Oracle so that Java programs could run. That code, known as an application programming interface or API, lets other programs “speak” to Java programs. At issue in the case is whether copyright protection should extend to APIs. Oracle says it should, and that Google stole its property. Google and other allies hold that the industry has never operated that way, and restricting APIs will inhibit innovation and harm consumers. The case lies at the heart of how modern software development works, and each side says a ruling in the other’s favor will chill innovation. More narrowly, the Supreme Court may settle the question of whether Google owes Oracle nearly $9 billion in damages, as Oracle claims.
