
AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 10/07/2020

Anna Kendrick Is McAfee’s Most Dangerous Celebrity 2020

During COVID-19, people stuck inside have scoured the internet for content to consume – often searching for free entertainment (movies, TV shows, and music) to avoid any extra costs. As these habits increase, so do the potential cyberthreats associated with free internet content – making our fourteenth Most Dangerous Celebrities study more relevant than ever. To conduct our Most Dangerous Celebrities 2020 study, McAfee researched famous individuals to reveal which celebrities generate the most “dangerous” results – meaning those whose search results bring potentially malicious content to expose fans’ personal information. Thanks to her recent starring roles, American actress Anna Kendrick has found herself at the top of McAfee’s 2020 Most Dangerous Celebrities list.

 

US Treasury Warns of Sanctions Violations for Paying Ransomware Attackers

As if getting hit with ransomware wasn’t stressful enough, there’s now a new element to worry about besides whether you’ll get your data and servers back: paying ransom to a cybercriminal or group that has been hit with sanctions by the US Treasury Department. In a surprising advisory issued today that likely will cause consternation among cybersecurity professionals and organizations faced with ransomware attacks, the Treasury’s Office of Foreign Assets Control (OFAC) warned of possible US policy violations for organizations or individuals who pay ransom to ransomware attackers who have been officially sanctioned by OFAC. “Companies that facilitate ransomware payments to cyber actors on behalf of victims, including financial institutions, cyber insurance firms, and companies involved in digital forensics and incident response, not only encourage future ransomware payment demands but also may risk violating OFAC regulations,” the advisory said.

 

The Exec Email Fraud Menace Continues: Crooks Net $15 Million Via Microsoft’s Cloud

Between April and September, hackers made as much as $15 million by impersonating senior executives at as many as 150 companies using what appear to be legitimate Microsoft Office 365 email addresses in a bid to make their attacks more successful. The FBI, the Secret Service and Microsoft have all been informed, according to Mitiga, an Israeli cybersecurity startup that claims to have uncovered the attacks. It’s a classic but hugely successful case of what’s known as business email compromise (BEC) fraud where crooks impersonate company partners and convince them to send money to their bank accounts. For instance, the hacker will set up email server domains so they could be mistaken for a real business, such as forb3s.com rather than forbes.com. Mitiga said that in one case it investigated, a hacker had learned of a target’s wire transfer by somehow gaining access to an employee’s Office 365 email account.  Then, just as the money was about to be sent by the unnamed victim organization, the fraudster impersonated the recipient and sent new wire instructions so they received the money rather than the legitimate seller. The latter never received the money they were due.

 

China says U.S. TikTok, WeChat bans break WTO rules

China said at a World Trade Organization meeting that restrictions by the United States on Chinese mobile applications TikTok and WeChat are in violation of the body’s rules, a trade official said. A representative for China said at the closed-door meeting on Friday that the measures “are clearly inconsistent with WTO rules, restrict cross-border trading services and violate the basic principles and objectives of the multilateral trading system,” a trade official familiar with the matter, who did not wish to be identified, said. The official said the delegate described the U.S. failure to provide concrete evidence of the reasons for its measures a “clear abuse” of rules. In the same meeting, the United States defended its actions, saying they are intended to mitigate national security risks, the trade official said.

 

How Twitter Survived Its Biggest Hack—and Plans to Stop the Next One

JULY 15 WAS, at first, just another day for Parag Agrawal, the chief technology officer of Twitter. Everything seemed normal on the service: T-Pain’s fans were defending him in a spat with Travis Scott; people were upset that the London Underground had removed artwork by Banksy. Agrawal set up in his home office in the Bay Area, in a room that he shares with his young son. He started to hammer away at his regular tasks—integrating deep learning into Twitter’s core algorithms, keeping everything running, and countering the constant streams of mis-, dis-, and malinformation on the platform. But by mid-morning on the West Coast, distress signals were starting to filter through the organization. Someone was trying to phish employee credentials, and they were good at it. They were calling up consumer service and tech support personnel, instructing them to reset their passwords. Many employees passed the messages onto the security team and went back to business. But a few gullible ones—maybe four, maybe six, maybe eight—were more accommodating. They went to a dummy site controlled by the hackers and entered their credentials in a way that served up their usernames and passwords as well as multifactor authentication codes.

 

Cisco ordered to pay $1.89B after losing patent trial against Centripetal Networks

Cisco Systems Inc. was ordered today to pay $1.89 billion after a judge ruled that the networking giant infringed four patents belonging to cybersecurity company Centripetal Networks Inc. The case, brought by Centripetal, alleged that Cisco had infringed its patents relating to the company’s Threat Intelligence Gateway network protection system under Title 35 of the United States Code. The patented technology was funded in part by a grant from the U.S. Department of Homeland Security, with the patents awarded between 2015 and 2018. Patent trolling is rife within the broader technology sector including cybersecurity, but where this case takes a twist is that Centripetal claims that Cisco breached their patents after both companies discussed a partnership in June 2017. “The fact that Cisco released products with Centripetal’s functionality within a year of these meetings goes beyond mere coincidence,” U.S. District Court Judge Henry Morgan said in his ruling.
