
AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 10/12/2021

Borrowed a School Laptop? Mind Your Open Tabs

When tens of millions of students suddenly had to learn remotely, schools lent laptops and tablets to those without them. But those devices typically came with monitoring software, marketed as a way to protect students and keep them on-task. Now, some privacy advocates, parents, and teachers say that software created a new digital divide, limiting what some students could do and putting them at increased risk of disciplinary action. One day last fall, Ramsey Hootman’s son, then a fifth grader in the West Contra Costa School District in California, came to her with a problem: He was trying to write a social studies report when the tabs on his browser kept closing. Every time he tried to open a new tab to study, it disappeared. It wasn’t an accident. When Hootman emailed the teacher, she says she was told, “‘Oh, surprise, we have this new software where we can monitor everything your child is doing throughout the day and can see exactly what they’re seeing, and we can close all their tabs if we want.’”

NETWORK SELLING FAKE FINANCIAL SERVICES ONLINE TAKEN DOWN

Law enforcement and judicial authorities from Bulgaria, Cyprus, Germany, the Netherlands and Ukraine, supported by Europol and Eurojust, teamed up against an organised crime group involved in binary fraud. The group was behind an online trading platform for financial services with binary options. Europol set up an Operational Task Force to support the cross-border investigation. Operating between May 2019 and September 2021, the criminal network lured German investors into making transactions worth a total of at least €15 million. The suspects advertised the financial services online and via social media, while using over 250 domain names. The criminal network, connected to a company based in Ukraine, set up a call centre in Bulgaria.

Avoid The Most Common Email Mistakes

Email is still one of the primary ways we communicate, both in our personal and professional lives. However, quite often we can be our own worst enemy when using email. Here are the most common mistakes people make with email and how to avoid them. Auto-complete is a common feature in most email clients. As you type the name of the person you want to email, your email software automatically selects their email address for you. This way you do not have to remember the email address of all your contacts, just their names. The problem is that when you know people who share similar names, it is very easy for auto-complete to select the wrong email address for you.

Beware – a brand new malware family is infecting Linux systems

There’s a new malware family in town – and one that attacks Linux systems by concealing itself in legitimate binaries to deliver several backdoors and rootkits. Dubbed FontOnLake by cybersecurity researchers at ESET, samples of the malware date as far back as May 2020. According to the researchers, the malware makes use of several carefully crafted modules that not only collect credentials but also give the threat actors remote access. “The sneaky nature of FontOnLake’s tools in combination with advanced design and low prevalence suggest that they are used in targeted attacks,” believes Vladislav Hrčka, malware analyst and reverse engineer at ESET. Hrčka notes that all the malware disguises itself inside trojanized versions of standard Linux utilities, including cat, kill, and sshd. In fact, one of the samples the researchers analyzed was created specifically for CentOS and Debian.

Verizon customers: Watch out for this sneaky new scam text message that’s making the rounds

Scams and phishing attacks are nearly impossible to avoid. Whether it’s a call, a text, or an email, we all have to contend with these scams on a daily basis. Many of us are learning — sometimes through trial and error — just how many of the messages we receive are malicious. That’s why it’s important to be aware of new scams in circulation. For example, this week, PhoneArena reported on a new scam text making the rounds that every Verizon subscriber should know about. In recent days, Verizon customers have been receiving texts that appear to be part of a new phishing campaign. The unsolicited messages tell the subscribers that as a reward for paying their September bills, they are receiving a gift. What follows is an incredibly suspicious link to an unknown website. If you fall for this scam and click the link, you might be asked to share your personal information, like your name, address, phone number, and social security number.

Microsoft says it mitigated the largest DDoS attack ever recorded

Microsoft says it was able to mitigate a 2.4 terabits per second (Tbps) Distributed Denial-of-Service (DDoS) attack in August. The attack targeted an Azure customer in Europe, and was 140 percent higher than the highest attack bandwidth volume Microsoft recorded in 2020. It also exceeds the peak traffic volume of 2.3Tbps, the previous largest attack, which was directed at Amazon Web Services last year. Microsoft says the attack lasted more than 10 minutes, with short-lived bursts of traffic that peaked at 2.4Tbps, 0.55Tbps, and finally 1.7Tbps. DDoS attacks are typically used to force websites or services offline, thanks to a flood of traffic that a web host can’t handle. They’re usually performed through a botnet, a network of machines that have been compromised using malware or malicious software to control them remotely. Azure was able to stay online throughout the attack, thanks to its ability to absorb tens of terabits of DDoS attacks.
