AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 11/02/2021

‘Trojan Source’ Bug Threatens the Security of All Code

Virtually all compilers — programs that transform human-readable source code into computer-executable machine code — are vulnerable to an insidious attack in which an adversary can introduce targeted vulnerabilities into any software without being detected, new research released today warns. The vulnerability disclosure was coordinated with multiple organizations, some of whom are now releasing updates to address the security weakness. Researchers with the University of Cambridge discovered a bug that affects most computer code compilers and many software development environments. At issue is a component of the digital text encoding standard Unicode, which allows computers to exchange information regardless of the language used. Unicode currently defines more than 143,000 characters across 154 different language scripts (in addition to many non-script character sets, such as emojis).
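The Unicode component at issue in the Trojan Source research is the set of bidirectional (bidi) control characters, which change how an editor displays a line of code without changing how the compiler tokenizes it. The script below is an added example written for this digest, not code from the Cambridge researchers or from any compiler project; it scans source text for those characters and rewrites them as visible escapes so a reviewer can see them. The sample source it checks is constructed here for illustration. Detection of this kind is the mitigation practitioners can apply today, in CI or as a pre-commit hook, regardless of whether their compiler has shipped an update.

```python
# Added example (not from the original page): detect Unicode bidirectional
# control characters in source text. These are the characters the Trojan
# Source research showed can make displayed code differ from compiled code.
import sys
import unicodedata

# Unicode bidirectional classes of the explicit formatting characters:
# embeddings (LRE/RLE), overrides (LRO/RLO), isolates (LRI/RLI/FSI) and
# their terminators (PDF/PDI). unicodedata reports these classes directly.
BIDI_CONTROL_CLASSES = {"LRE", "RLE", "LRO", "RLO", "PDF", "LRI", "RLI", "FSI", "PDI"}


def is_bidi_control(ch):
    """True if `ch` is one of the explicit bidi formatting characters."""
    return unicodedata.bidirectional(ch) in BIDI_CONTROL_CLASSES


def find_bidi_controls(text):
    """Return [(line_number, column, 'U+XXXX', unicode_name), ...] for every
    bidi control character in `text`. Line numbers are 1-based, columns 0-based."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for col, ch in enumerate(line):
            if is_bidi_control(ch):
                findings.append((lineno, col, f"U+{ord(ch):04X}", unicodedata.name(ch)))
    return findings


def make_visible(text):
    """Replace each bidi control character with a visible <U+XXXX> marker so
    the true character order of a line can be inspected in any viewer."""
    return "".join(f"<U+{ord(ch):04X}>" if is_bidi_control(ch) else ch for ch in text)


# Constructed sample: a comment containing a RIGHT-TO-LEFT OVERRIDE (U+202E).
# A rendering editor would show the rest of the line reversed; the compiler
# sees the characters in logical order.
SAMPLE_SOURCE = (
    "def is_admin(user):\n"
    "    level = 'user'  # \u202e comment\n"
    "    return level == 'admin'\n"
)


def scan_files(paths):
    """Scan each file and return {path: findings}; files without findings are
    omitted. Intended for a CI step or pre-commit hook."""
    report = {}
    for path in paths:
        with open(path, encoding="utf-8", errors="replace") as fh:
            hits = find_bidi_controls(fh.read())
        if hits:
            report[path] = hits
    return report


if __name__ == "__main__":
    targets = sys.argv[1:]
    if not targets:
        # No files given: demonstrate on the constructed sample.
        for lineno, col, cp, name in find_bidi_controls(SAMPLE_SOURCE):
            print(f"sample:{lineno}:{col}: {cp} {name}")
        print(make_visible(SAMPLE_SOURCE))
    else:
        report = scan_files(targets)
        for path, hits in report.items():
            for lineno, col, cp, name in hits:
                print(f"{path}:{lineno}:{col}: {cp} {name}")
        sys.exit(1 if report else 0)
```

Run with no arguments to see the constructed sample flagged, or pass source file paths; a non-zero exit status when anything is found makes it usable as a CI gate. The check is deliberately conservative: it flags every explicit bidi formatting character, including legitimate uses in string literals for right-to-left languages, which a reviewer can then allow-list per file rather than per character.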


Cring ransomware continues assault on industrial organizations with aging applications, VPNs

The Cring ransomware group continues to make a name for itself through attacks on aging ColdFusion servers and VPNs after emerging earlier this year. Experts like Digital Shadows' Sean Nikkel told ZDNet that what makes Cring interesting is that so far, they appear to specialize in using older vulnerabilities in their attacks. “In a previous incident, Cring operators exploited a two-year-old FortiGate VPN vulnerability to target end-of-life Microsoft and Adobe applications. This should be a wake-up call for system owners everywhere who are using end-of-life or otherwise unsupported systems that are exposed to the internet at large,” Nikkel said.


Cybercriminals flog access to international shipping, logistics giants

Cybercriminals are offering initial access to networks belonging to key players in global supply chains, researchers warn. On Tuesday, Intel 471 published an analysis of current black market trends online, revealing instances of initial access brokers (IABs) offering access to international shipping and logistics companies across ground, air, and sea transport. Global supply chains have faced serious upheaval since the start of the COVID-19 pandemic. The problems go beyond chip shortages: lockdowns and closures have caused backlogs worldwide, and as we slowly emerge from the pandemic, demand for everything from food to electronics remains high. This may be why organizations that provide the backbone of cargo transport and goods deliveries have captured the interest of cybercriminals, including ransomware operators.


Flippy, the hamburger-cooking robot, gets more capable

Following its recent pilot in select White Castles, Miso Robotics today announced a new version of its hamburger-cooking robotic arm, Flippy. The new version of the robot, simply named Flippy 2, is designed to further automate simple cooking tasks for fast food establishments. As Miso notes in a release, primary staff feedback on the original version was that Flippy required too much human assistance on either side of its primary cooking tasks. That includes the initial handling of the uncooked foodstuff and putting the cooked food in the holding area. Basically, Flippy was replacing the need to constantly monitor and adjust the food while cooking, but not much in the lead-up or follow-through.


Man charged with hacking MLB, NBA, NFL, and NHL user accounts to stream games

The US Department of Justice has filed charges today against a Minnesota man who hacked MLB, NBA, NFL, and NHL user accounts in order to supply content to a pirate streaming website that he operated. Charges were levied against Joshua Streit, 30, of St. Louis Park, Minnesota. The DOJ claims that Streit, who went by “Josh Brody” or “inflx” online, operated the HeHeStreams website between 2017 and August 2021. Officials said that Streit used stolen credentials to access other people’s MLB, NBA, NFL, and NHL accounts in order to hijack game streams, which he then re-broadcast on the HeHeStreams website. The pirated streams were offered as part of a paid package that gave buyers access to the streams of all four US sports leagues at prices lower than those charged by the leagues’ official websites.


EU to adopt new cybersecurity rules for smartphones, wireless, IoT devices

The European Commission has ordered an update to the Radio Equipment Directive in order to introduce new cybersecurity guidelines for radio and wireless equipment sold on the EU market, such as mobile phones, tablets, fitness trackers, and other smart IoT devices. The new standards, which are currently scheduled to enter into effect by mid-2024, were adopted following a delegated act to the Radio Equipment Directive (RED), a piece of 2014 EU legislation that acts as the regulatory framework that equipment vendors must follow in order to sell electronic equipment on the EU market. The delegated act, which is a bureaucratic mechanism used by the European Commission to tell EU bodies to update legislation, lists three new security measures that device makers must incorporate in the design of their products in order to be allowed to sell products in the EU.