AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 10/18/2023

A surveillance tower in Mexico becomes an unsettling landmark for privacy advocates 

The building will have 1,791 automated license plate readers. 3,065 pan-tilt-zoom cameras. 74 drones. Live feeds from cameras owned by neighborhood businesses and residents. Biometric filters running constantly to support facial recognition. Connections to infrastructure throughout the city. Those monitoring tools and many others will be embedded in Mexico’s Torre Centinela (Sentinel Tower), a nearly $200 million, 20-story surveillance colossus situated in Chihuahua, a Mexican state running along the U.S. border. 


Colorado Supreme Court Upholds Keyword Search Warrant 

Today, the Colorado Supreme Court became the first state supreme court in the country to address the constitutionality of a keyword warrant—a digital dragnet tool that allows law enforcement to identify everyone who searched the internet for a specific term or phrase. In a weak and ultimately confusing opinion, the court upheld the warrant, finding the police relied on it in good faith. EFF filed two amicus briefs and was heavily involved in the case.  


Are You Sure Your Browser is Up to Date? The Current Landscape of Fake Browser Updates 

Proofpoint is currently tracking at least four distinct threat clusters that use fake browser updates to distribute malware. Fake browser updates refer to compromised websites that display what appears to be a notification from the browser developer such as Chrome, Firefox, or Edge, informing them that their browser software needs to be updated. When a user clicks on the link, they do not download a legitimate browser update but rather harmful malware. Based on our research, TA569 has used fake browser updates for over five years to deliver SocGholish malware, but recently other threat actors have been copying the lure theme. Each threat actor uses their own methods to deliver the lure and payload, but the theme takes advantage of the same social engineering tactics. The use of fake browser updates is unique because it abuses the trust end users place in both their browser and the known sites that they visit.   


Five Eyes Warn Deep Tech Start-Ups Against Nation-State Threats 

The UK National Cyber Security Agency (NCSC) and National Protective Security Authority (NPSA), a new subdivision of domestic intelligence agency MI5, are launching a new awareness campaign to warn start-ups developing cutting-edge technology against increasing nation-state threats. The campaign, launched on October 17, 2023, consists of an updated ‘Secure Innovation’ guidance and includes a free Quick Start Guide to help those without extensive security expertise take the first steps to keep their innovations safe. 


Californian IT company leaks private mobile phone data 

The Cybernews research team found that DNA Micro, a California-based IT company, exposed the sensitive data of more than 820,000 customers due to a misconfiguration in its systems. The victims most affected by the data leak were those using the services of DNA Micro’s subsidiary company InstaProtek, which provides a screen warranty service. Other companies affected by the leak included screen protectors and phone case manufacturers, such as Liquipel and Otterbox, which used the warranty service. 


Jupyter Notebook Ripe for Cloud Credential Theft, Researchers Warn 

Researchers have discovered a Tunisian hacker using Jupyter Notebook and a motley slate of malware in a dual attempt at cryptomining and cloud compromise. The incident points out the continuing need to prioritize cloud security amid rapid adoption of advanced productivity tools. Jupyter Notebook is an open source, Web-based, interactive, computational environment for creating notebook documents. Its flexible interface allows users to configure and arrange workflows in data science, scientific computing, computational journalism, and machine learning. 
