AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 10/20/2023

After X, Meta and TikTok get EU request for info on response to Israel-Hamas war 

Meta and TikTok have each been sent formal requests for information by the European Union under the bloc’s Digital Services Act (DSA), the Commission said today. In recent days, EU regulators have expressed concern about illegal content and disinformation circulating on social media platforms following attacks in the Middle East and the ongoing Israel-Hamas war. Last week the Commission took the same formal step of asking X (formerly Twitter) to submit info on how it’s complying with requirements set out in the DSA — after publicly warning Elon Musk’s platform about its legal obligations to diligently respond to reports of illegal content and mitigate risks related to disinformation.


Google-hosted malvertising leads to fake Keepass site that looks genuine 

Google has been caught hosting a malicious ad so convincing that there’s a decent chance it has managed to trick some of the more security-savvy users who encountered it. Looking at the ad, which masquerades as a pitch for the open source password manager Keepass, there’s no way to know that it’s fake. It’s on Google, after all, which claims to vet the ads it carries. Making the ruse all the more convincing, clicking on it leads to ķeepass[.]info, which, when viewed in an address bar, appears to be the genuine Keepass site. 


Be On Alert; That HR Email Could Be A Phishing Email! 

New research this week warns employees to be on alert for emails seemingly from human resources (HR), as they could be fraudulent. In fact, the findings from KnowBe4’s latest phishing report have highlighted that fraudulent HR emails remain a prevalent tactic employed by cybercriminals. Such deceptive emails may encompass subjects like alterations in dress code policies, updates on training sessions, changes in vacation policies, or a wide range of other topics.


Ragnar Locker ransomware’s dark web extortion sites seized by police 

The Ragnar Locker ransomware operation’s Tor negotiation and data leak sites were seized Thursday morning as part of an international law enforcement operation. BleepingComputer has confirmed that visiting either website now displays a seizure message stating that a large assortment of international law enforcement from the US, Europe, Germany, France, Italy, Japan, Spain, Netherlands, Czech Republic, and Latvia were involved in the operation. “This service has been seized as part of a coordinated law enforcement action against the Ragnar Locker group,” reads the message. 


Lloyd’s of London finds hypothetical cyberattack could cost world economy $3.5 trillion 

Insurance giant Lloyd’s of London has warned that the global economy could lose $3.5 trillion as a result of a major cyberattack targeting payment systems. The hypothetical scenario — modeled by the insurance marketplace alongside the Cambridge Centre for Risk Studies — is not considered likely. The researchers suggested it had roughly a 3.3% chance of happening, which it extended to a 1-in-30-year probability. 


Thousands of remote IT workers sent wages to North Korea to help fund weapons program, FBI says 

Thousands of information technology workers contracting with U.S. companies have for years secretly sent millions of dollars of their wages to North Korea for use in its ballistic missile program, FBI and Department of Justice officials said. The Justice Department said Wednesday that IT workers dispatched and contracted by North Korea to work remotely with companies in St. Louis and elsewhere in the U.S. have been using false identities to get the jobs. The money they earned was funneled to the North Korean weapons program, FBI leaders said at a news conference in St. Louis. 

