AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 10/12/2020

Comcast says gigabit downloads and uploads are now possible over cable

Comcast’s cable Internet still has a heavy emphasis on download speeds, as even its gigabit-download service only comes with 35Mbps uploads. But that may not be the case forever, as today Comcast announced a “technical milestone” that can deliver gigabit-plus download and upload speeds over existing cable wires. Specifically, Comcast said it conducted “a trial delivering 1.25Gbps upload and download speeds over a live production network using Network Function Virtualization (NFV) combined with the latest DOCSIS Technology.” Comcast installed the service at a home in Jacksonville, Florida, where “the technology team consistently measured speeds of 1.25 Gbps upload and 1.25Gbps download over the connection.” The speeds were delivered over a hybrid fiber-cable network, with the coaxial cable providing the final connection into the home. 

 

Apple pays $288,000 to white-hat hackers who had run of company’s network

For months, Apple’s corporate network was at risk of hacks that could have stolen sensitive data from potentially millions of its customers and executed malicious code on their phones and computers, a security researcher said on Thursday. Sam Curry, a 20-year-old researcher who specializes in website security, said that, in total, he and his team found 55 vulnerabilities. He rated 11 of them critical because they allowed him to take control of core Apple infrastructure and from there steal private emails, iCloud data, and other private information. Apple promptly fixed the vulnerabilities after Curry reported them over a three-month span, often within hours of his initial advisory. “If the issues were used by an attacker, Apple would’ve faced massive information disclosure and integrity loss,” Curry said in an online chat a few hours after posting a 9,200-word writeup titled We Hacked Apple for 3 Months: Here’s What We Found. “For instance, attackers would have access to the internal tools used for managing user information and additionally be able to change the systems around to work as the hackers intend.”

 

Google is giving data to police based on search keywords, court docs show

There are few things as revealing as a person’s search history, and police typically need a warrant on a known suspect to demand that sensitive information. But a recently unsealed court document found that investigators can request such data in reverse order by asking Google to disclose everyone who searched a keyword rather than for information on a known suspect. In August, police arrested Michael Williams, an associate of singer and accused sex offender R. Kelly, for allegedly setting fire to a witness’ car in Florida. Investigators linked Williams to the arson, as well as witness tampering, after sending a search warrant to Google that requested information on “users who had searched the address of the residence close in time to the arson.”  

 

DOJ Seizes Domains Used for Iranian Disinformation Campaigns

The U.S. Justice Department has seized 92 domains that Iran’s Islamic Revolutionary Guard Corps was using to support a global disinformation campaign. Iran’s military intelligence unit used the domains, which were disguised as genuine news portals, to spread propaganda in an attempt influence public opinion and sow discord, according to the Justice Department. Of the 92 domains seized, four were active across the U.S. The others targeted audiences in Western Europe, the Middle East and Southeast Asia. The Justice Department and the FBI seized and shut down the domains on Oct. 7 after Google alerted authorities. Law enforcement officials also worked with Twitter and Facebook to ensure all the Iranian-linked websites were identified.

 

Microsoft to let employees work from home permanently

Software giant Microsoft will let employees work from home permanently if they choose to, US media reported on Friday, becoming the latest employer to expand work-from-home provisions prompted by the Covid-19 pandemic. The Verge said most Microsoft employees are still at home as the health crisis drags on, and the company doesn’t expect to reopen its US offices until January of next year at the earliest. But when it does, workers can chose to work from their residences permanently, although in that case they will have to give up their office space. “The Covid-19 pandemic has challenged all of us to think, live and work in new ways,” Microsoft’s Chief People Officer Kathleen Hogan said in a note to employees obtained by the tech news outlet. “We will offer as much flexibility as possible to support individual workstyles, while balancing business needs and ensuring we live our culture.”

 

Judge won’t let ‘Fortnite’ back into App Store as Apple fight crawls on

The battle royale between Epic Games and Apple is far from over. The ongoing debate over whether Fortnite, the wildly popular video game, will be allowed back in the App Store will not be answered any time soon. According to Mac Rumors, on Friday a California judge denied a request by Epic Games for a temporary injunction against Apple. If granted, it would have forced Apple to let Fortnite back on the app-distribution platform as the case was being heard. “Epic Games‌ cannot simply exclaim ‘monopoly’ to rewrite agreements giving itself unilateral benefit,” reads U.S. District Judge Yvonne Gonzalez Rogers’ order, in part, as quoted by Mac Rumors. Unless something radical happens, this means Fortnite will remain out of the App Store until some sort of agreement is reached or the case is resolved. Either way, it’s likely going to be a while — especially considering the fact that, as Mac Rumors notes, Apple and Epic Games won’t be back in court until May 2021.   

Related Posts