AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 10/06/2021

Hong Kong firm becomes latest marketing company hit with REvil ransomware

Hong Kong marketing firm Fimmick has been hit with a ransomware attack, according to a British cybersecurity firm monitoring the situation. Fimmick has offices in Hong Kong and across China, serving several high-profile clients like McDonalds, Coca-Cola, Shell, Asus and others. Their website is currently down and there was no response to ZDNet requests for comment. Matt Lane, CEO of UK-based cybersecurity firm X Cyber Group, said his team routinely “scrutinizes the activities of cybercriminals for evidence of their behaviors,” as a way to protect clients and customers.  On Tuesday, they discovered that REvil had breached Fimmick’s databases and claimed to have data from a number of global brands. Lane shared screenshots showing REvil’s threatening posts toward Fimmick that included information stolen from the company’s website.


Massive Twitch leak reportedly surfaces online including source code and streamer payouts

Things could be about to get real messy for Twitch. The Amazon-owned streaming platform is the target of an alleged hack, leak, whatever you want to call it, but the end result is the same. A 125GB torrent of, well, everything that is Twitch has been made available on the shadier parts of the internet that could spell big trouble not only for Twitch, but for many attached to the platform. The files that were made available through 4Chan have not been verified as authentic, nor has Twitch officially acknowledged the alleged leak, but if the data is legit, hoo boy. A company source speaking to VGC has though said it’s the real deal.


Researcher refuses Telegram’s bounty award, discloses auto-delete bug

Telegram patched another image self-destruction bug in its app earlier this year. This flaw was a different issue from the one reported in 2019. But the researcher who reported the bug isn’t pleased with Telegram’s months-long turnaround time—and an offered €1,000 ($1,159) bounty award in exchange for his silence. Like other messaging apps, Telegram allows senders to set communications to “self-destruct,” such that messages and any media attachments are automatically deleted from the device after a set period of time. Such a feature offers extended privacy to both the senders and the recipients intending to communicate discreetly. But for a simple bug like this, it wasn’t easy to get Telegram’s attention, Dmitrii explained. The researcher contacted Telegram in early March. And after a series of emails and text correspondence between the researcher and Telegram spanning months, the company reached out to Dmitrii in September, finally confirming the existence of the bug and collaborating with the researcher during beta testing.


Government Secretly Orders Google To Identify Anyone Who Searched A Sexual Assault Victim’s Name, Address And Telephone Number

In 2019, federal investigators in Wisconsin were hunting men they believed had participated in the trafficking and sexual abuse of a minor. She had gone missing that year but had emerged claiming to have been kidnapped and sexually assaulted, according to a search warrant reviewed by Forbes. In an attempt to chase down the perpetrators, investigators turned to Google, asking the tech giant to provide information on anyone who had searched for the victim’s name, two spellings of her mother’s name and her address over 16 days across the year. After being asked to provide all relevant Google accounts and IP addresses of those who made the searches, Google responded with data in mid-2020, though the court documents do not reveal how many users had their data sent to the government. It’s a rare example of a so-called keyword warrant and, with the number of search terms included, the broadest on record.


Firefox Focus revamp gives you more control over privacy and tracking

Mozilla likes to cut distractions and speed up browsing, and its latest browser reflects that priority. The developer has revamped Firefox Focus for Android and iOS to give it a “fresh new look” (including a dark theme), more privacy and quicker access. There’s now a shield icon to quickly turn trackers on or off, not to mention a global counter for every blocked tracker. You’ll find a shortcut feature, too, to help you visit favorite sites that much sooner. Firefox is receiving improvements on other platforms. On top of easier password autofill, Firefox users on Android (iOS is coming later this year) can easily create new passwords for apps or unlock accounts using only biometric data like fingerprints and facial recognition.


Russia says Facebook outage shows why it needs internet sovereignty

Russian social networks reported a spike in activity during Monday’s global Facebook outage which Moscow officials said showed that Russia was right to develop its own sovereign internet platforms and social networks. Russia has sought for years to assert greater sovereignty over its internet segment, putting pressure on foreign tech firms to delete content and store data in Russia. It has also improved its ability to block platforms that break its rules. Maria Zakharova, Russia’s Foreign Ministry spokesperson, said during the near six-hour outage of Facebook services on Monday evening that this “answers the question of whether we need our own social networks and internet platforms”. Facebook blamed its outage, which kept its 3.5 billion users from accessing services such as WhatsApp, Instagram and Messenger, on a faulty configuration change.

Related Posts