AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 10/27/2023

UK government accused of ‘vandalism’ over abolishing biometrics safeguards 

The British government’s plans to remove safeguards around biometrics and public space surveillance were described on Thursday as “shocking” and “tantamount to vandalism” by an outgoing commissioner. Fraser Sampson, the biometrics and surveillance camera commissioner, said: “The loss of regulation and oversight in this key area comes just as the evolution of AI-driven biometric surveillance makes it more important than ever.” It comes as Prime Minister Rishi Sunak drives forward with a much-publicized commitment to make the United Kingdom a world leader in AI governance, and ahead of a global AI Safety Summit being arranged for November in Bletchley Park. 


MGM Resorts hackers ‘one of the most dangerous financial criminal groups’ 

The hackers behind the ransomware attack that crippled operations at MGM Resorts are “one of the most dangerous financial criminal groups” currently operating, researchers at Microsoft said Wednesday. In a blog, the researchers explained the tactics used by Octo Tempest, a group also known as Scattered Spider, 0ktapus or UNC3944. The group has been in the limelight since its attack on MGM Resorts left parts of Las Vegas paralyzed for days and cost the casino giant an estimated $100 million. The situation became so dire that federal authorities and the White House became involved in the recovery effort. 


Now Android and Windows devices aren’t safe from Flipper Zero either 

A few days ago, a custom third-party firmware for the Flipper Zero was released. The firmware could flood iPhones and iPads with spam Bluetooth messages, and it even had a feature that could cause the device to lock up completely. This left a few Android users feeling smug about the security of their chosen platform over that of iOS and iPadOS. Well, now the Bluetooth spam application for the Flipper Zero can target Android devices and PCs running Windows. 


Media outlets win fight to gain faster access to Google trial evidence 

Slowly but surely, the public will start gaining more access to evidence shared in the Department of Justice’s antitrust trial probing Google’s search business, following an intervention by press outlets. In a motion to intervene, outlets earlier this month told the court that they were struggling to cover the trial because much of the evidence and proceedings has been withheld, redacted, or closed off entirely to protect industry trade secrets. Yesterday, Judge Amit Mehta granted some of the demands of outlets—including The New York Times, The Wall Street Journal, Bloomberg, MLex, and Law360—which, among other requests, had asked the court to mandate the sharing of dozens of exhibits that the public has so far been denied access to despite pending press requests. 


iPhones have been exposing your unique MAC despite Apple’s promises otherwise 

Three years ago, Apple introduced a privacy-enhancing feature that hid the Wi-Fi address of iPhones and iPads when they joined a network. On Wednesday, the world learned that the feature has never worked as advertised. Despite promises that this never-changing address would be hidden and replaced with a private one that was unique to each SSID, Apple devices have continued to display the real one, which in turn got broadcast to every other connected device on the network. 


Mandiant Intelligence Chief Raises Alarm Over China’s ‘Volt Typhoon’ Hackers in US Critical Infrastructure 

Speaking at a keynote fireside chat at SecurityWeek’s 2023 ICS Cybersecurity Conference in Atlanta on Tuesday, Hultquist said the Volt Typhoon campaign included “very deliberate targeting of critical infrastructure” installations and represents a major shift by Chinese hacking teams known mostly for economic espionage and IP theft. “This Volt Typhoon activity is a brand-new thing for them. We have not seen a lot of deliberate targeting in the critical infrastructure space from China,” Hultquist said. “Occasionally, we’ll catch them probing into power, but this is a deliberate, long-term attempt to infiltrate a lot of critical infrastructure in a way that stays below the radar.” 
