AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 10/14/2020

Largest cruise line operator Carnival confirms ransomware data theft

Carnival Corporation, the world’s largest cruise line operator, has confirmed that the personal information of customers, employees, and ship crews was stolen during an August ransomware attack. “While the investigation is ongoing, early indications are that the unauthorized third-party gained access to certain personal information relating to some guests, employees, and crew for some of our operations,” Carnival said. “There is currently no indication of any misuse of this information.”


EU reportedly drafts ‘hit list’ of big tech companies to face stricter rules

It’s no secret that the European Union wants a further crackdown on tech giants, and it may use a simple shortlist to decide which companies face new restrictions. Financial Times sources say the EU is drafting a “hit list” of up to 20 big tech firms that would face harsher regulations than smaller rivals, such as mandatory data sharing and greater transparency. The list would be based on criteria like market share, user counts, and the dependency others have on their platforms. Just who’s on the list isn’t clear. However, it’s believed to be very US-centric and would likely include known heavyweights like Amazon, Apple, Facebook, and Google. That likely wouldn’t help tensions with the current American leadership, but it would also dovetail with a US House subcommittee investigation that accused those same companies of holding monopoly power that needed regulation.


DHS: Unknown hackers targeted the US Census Bureau network

The US Department of Homeland Security said that unknown threat actors have targeted the US Census network during the last year in its first-ever Homeland Threat Assessment (HTA) report released earlier this week. The US Census Bureau is the largest US federal government statistical agency responsible for collecting statistical data about the US economy and population. This data is then used by the federal government to allocate over $675 billion in federal funds to tribal, local, and state governments every year. The DHS says that both state and non-state attackers will likely attempt to compromise or disrupt infrastructure the US uses to support the 2020 US Presidential election, as well as the 2020 US Census.


US advisory meant to clarify ransomware payments only spotlights widespread uncertainty

The Oct. 1 advisory from the Office of Foreign Assets Control warned that paying or helping to pay ransoms to anyone on its cyber sanctions list could incur civil penalties. Across some of the industries mentioned in the advisory — like cybersecurity incident response firms and insurance providers — reactions have ranged from confusion to silence, from yawns to raised eyebrows, from praise to fear of a blizzard of potentially unintended consequences. The worst case scenarios involve ransomware victims in the health sector having to make a life-or-death decision on whether to pay to unlock their systems while at risk of incurring Treasury’s wrath, or situations where victims try even harder to keep attacks quiet to avoid OFAC fines, which sometimes total millions of dollars.


Malware gangs love open source offensive hacking tools

In the cyber-security field, the term OST refers to software apps, libraries, and exploits that possess offensive hacking capabilities and have been released as either free downloads or under an open source license. OST projects are usually released to provide a proof-of-concept exploit for a new vulnerability, to demonstrate a new (or old) hacking technique, or as penetration testing utilities shared with the community. Today, OST is one of the most (if not the most) controversial topics in the information security (infosec) community. On one side, you have the people who are in favor of releasing such tools, arguing that they can help defenders learn and prepare systems and networks for future attacks. On the opposing side, you have the ones who say that OST projects help attackers reduce the costs of developing their own tools and hiding activities in a cloud of tests and legitimate pen-tests.

