AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 10/07/2021

New TSA regulations to address cyberattack threat to rail systems

The Transportation Security Administration will soon issue new regulations designed to make transit agencies and airlines better prepared for cyberattacks. Homeland Security Secretary Alejandro Mayorkas says that, under the new directive, railroads and rail-related entities deemed “higher-risk” will be required to appoint a point person in charge of cybersecurity, report cyber incidents to DHS’ Cybersecurity and Infrastructure Security Agency and create a contingency plan for what to do if a cyberattack were to happen. Lower-risk railroads and related entities will be encouraged but not required to take the same steps, he said. Mayorkas made the comments during a speech given virtually Wednesday at the Billington Cybersecurity Summit.

 

New Android trojan malware is one of the most dangerous yet, can completely take over phones

Cybersecurity analysts recently discovered a strain of Android malware they dubbed “TangleBot.” The malicious software is highly sophisticated and capable of hijacking most if not all of a phone’s functions. Once infected, the phone becomes the ultimate spying/stalking device. Proofpoint researchers note that TangleBot targets users by sending text messages to Android devices in the U.S. and Canada. The SMS messages are disguised as Covid-19 regulations and booster shots information, along with messaging related to potential power outages, encouraging victims to click a link to a site that shows an Adobe Flash update is required.

 

Apple now requires all apps to make it easy for users to delete their accounts

All third-party iOS, iPadOS, and macOS apps that allow users to create an account should also provide a method for terminating their accounts from within the apps beginning next year, Apple said on Wednesday. “This requirement applies to all app submissions starting January 31, 2022,” the iPhone maker said, urging developers to “review any laws that may require you to maintain certain types of data, and to make sure your app clearly explains what data your app collects, how it collects that data, all uses of that data, your data retention/deletion policies.” While the feature could be convenient, it’s worth noting that Apple only says the mechanism should have a provision for users to “initiate deletion of their account from within the app,” meaning it’s possible that apps could redirect users to a website or prompt them to send an email in order actually to purge their information.

 

Fired IT admin revenge-hacks school by wiping data, changing passwords

A 29-year old wiped data on systems of a secondary school in the U.K. and changed the passwords at an IT company, in retaliatory cyber attacks for being fired. As a result of his actions, the school’s systems could no longer be accessed and remote learning was impacted at a time when pupils were at home due to the Covid-19 pandemic. At the beginning of the year on January 16, Adam Georgeson downloaded and deleted data from computers belonging to Welland Park Academy in Market Harborough, Leicestershire, and changed passwords of staff members. Georgeson had been working as an IT technician at the school but had been fired at the time of the attack. On January 21, while employed at an IT company in Rutland, Georgeson was arrested for his actions on the school’s network.

 

Google to auto-enroll 150 million user accounts into 2FA

Google announced today that they plan on auto-enrolling 150 million accounts into two-factor authentication by the end of 2021. To protect Google accounts from unauthorized access, it is possible to enroll in an optional security feature called two-factor authentication, or as Google likes to call it, 2-step verification (2SV). When 2SV is enabled on a Google Account, and someone logs in with the correct username and password, they are asked for an additional form of authentication to prove they are the account owner. This additional verification can be through a code from an authenticator app or SMS text, Google Prompt, a hardware security key, like a Yubikey or Google Titan, or even an iOS device.

 

Mark Zuckerberg hits back at Facebook whistleblower claims

Mark Zuckerberg has hit back at the testimony of the Facebook whistleblower Frances Haugen, saying her claims the company puts profit over people’s safety are “just not true”. In a blogpost, the Facebook founder and chief executive addressed one of the most damaging statements in Haugen’s opening speech to US senators on Tuesday, that Facebook puts “astronomical profits before people”. “At the heart of these accusations is this idea that we prioritise profit over safety and wellbeing. That’s just not true,” he said. He added: “The argument that we deliberately push content that makes people angry for profit is deeply illogical. We make money from ads, and advertisers consistently tell us they don’t want their ads next to harmful or angry content.”

Related Posts