AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 10/21/2021

New FCC rules could force wireless carriers to block spam texts

Under Acting Chairwoman Jessica Rosenworcel, the Federal Communications Commission is seeking to create new rules targeting spam text messages. Like another recent proposed rulemaking from the agency, the policy would push wireless carriers and telephone companies to block the spam before it ever gets to your phone. “We’ve seen a rise in scammers trying to take advantage of our trust of text messages by sending bogus robotexts that try to trick consumers to share sensitive information or click on malicious links,” Rosenworcel said. “It’s time we take steps to confront this latest wave of fraud and identify how mobile carriers can block these automated messages before they have the opportunity to cause any harm.”


BBB Tip: Shop safe and shop smart this holiday season

The 2021 holiday shopping season promises to be an unpredictable one. The labor shortage and supply chain issues are already throwing a wrench into holiday shopping. Electronics, toys, and other products will be (or already are) in short supply, and retailers are struggling to staff up as the shopping season nears. Just like in 2020, people are planning to start their holiday shopping early. Watch out for deals well before Black Friday sales. Retailers are also expecting to see even more people shopping online. Product shortages and increased online shopping are likely to result in even more online purchase scams this year. These scams accounted for nearly 40% of all scams reported to BBB Scam Tracker in 2020, according to the 2020 BBB Scam Tracker Risk Report. Shortages are likely to make purchase scams even more common as desperate shoppers turn to shady websites in hopes of finding this year’s must-have gift.


Candy corn producer says ransomware incident ‘not likely’ to sour Halloween supplies

A major U.S. candy-maker says it’s returning to service after a ransomware incident in which intruders interrupted operations at some facilities just weeks before Halloween. Chicago-based Ferrara Candy — the parent company of Lemonheads, Atomic Fireballs, Keebler and others — said attackers hit the firm with ransomware on Oct. 9, encrypting systems. Specific details about the breach are sparse, though Ferrara says the incident is not likely to affect Halloween candy supplies, as much of the trick-or-treating inventory had already shipped to retailers prior to the hack. Ferrara also produces Brach’s candy corn. Law enforcement is investigating the matter, and outside experts continue to help restore systems, the company said.


Watch Out: ‘Squid Game’ Malware Hits Google Play As Hundreds Of Unofficial Apps Flood Store

If you’re going crazy for Squid Game like the rest of the Netflix-watching world, you might be tempted to download an app based on the smash hit TV show. But beware: Developers have already managed to get malware masquerading as a Squid Game phone wallpaper app onto Google Play as hundreds of unofficial apps have hit the Android app store. The malicious app, which was downloaded at least 5,000 times before Google caught it and threw it out of Play, was discovered by an Android security researcher using the handle @ReBensk and was subsequently analyzed by ESET Android malware researcher Lukas Stefanko. Both determined it to be a well-known brand of rogue Android software known as Joker. In this case, anyone who downloaded the wallpaper could’ve become a victim of ad fraud or been signed up to costly SMS services without them knowing.


Biden administration seeks corporate America’s help tracking cyber criminals

U.S. Deputy Attorney General Lisa Monaco has a message for corporate America: The U.S. Justice Department needs its help in order to take down cyber criminals. “We cannot do this alone,” Monaco said on Wednesday during a virtual roundtable on cybersecurity. “The bottom line is this: I believe it is bad for companies. It’s bad for America and it hurts our efforts to uphold the value that we try to demonstrate as a country if companies are attacked, and don’t partner with law enforcement.” Monaco made her pitch at a time when the Justice Department has been stepping up its efforts to combat cyber threats and ransomware attacks, such as the one earlier this year against the Colonial Pipeline Co., leading to massive shortages of gasoline across the East Coast.


US government bans sale of hacking tools to China and Russia

The U.S. Department of Commerce has announced that it will ban the export of hacking tools to authoritarian governments in an effort to curb violations of human rights and other malicious cyber activities. The rule, first reported by The Washington Post and later confirmed by the Commerce Department, will effectively ban the export or resale of hacking software and equipment to China, Russia and other countries of concern, for national security reasons, without a license from the department’s Bureau of Industry and Security (BIS). The move comes after the Biden administration in March restricted the export of U.S. technologies — including advanced semiconductors and software that uses encryption for information security — to China and Russia as it continues to take a hard-line national security approach toward the two countries.


US judge sentences duo for roles in running bulletproof hosting service

A US judge has sentenced two Eastern European men for operating a bulletproof hosting service leveraged by cybercriminals to deploy malware. On Wednesday, the US Department of Justice (DoJ) said that Pavel Stassi and Aleksandr Skorodumov, of Estonia and Lithuania, have now been jailed for 24 months and 48 months, respectively. The 30- and 33-year-old duo were accused of providing online hosting services that are known as bulletproof — a popular option for cybercriminals who need a host that will turn a blind eye to criminal activity. Bulletproof hosting providers, often found on the Dark Web, may host malware, explicit abuse material, or e-commerce platforms offering illegal wares such as criminal hacking tools, drugs, and weaponry. In this case, the bulletproof host was used to store malware payloads including Zeus, SpyEye, Citadel, and the Blackhole exploit kit.
