AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 11/04/2020

MIT researchers develop an AI model that can detect Covid-19 in asymptomatic individuals

Though global economies have begun to open up, the Covid-19 virus is still spreading throughout the world, infecting thousands of new people every day. To help curb the spread of the disease, MIT researchers have developed an AI model that can detect the virus’ presence in even asymptomatic individuals. The potential good that such a model could do is probably pretty obvious. Suppose the model was refined and rolled out to the general public somehow, perhaps in the form of a free mobile app. In that case, it could help people screen themselves for the infection and either get tested or avoid contact with others, if necessary. Teachers, for example, could use it every day before heading into class, as could other individuals that work in close proximity to strangers — front-line retail employees are another key audience for such a tool. Fortunately, porting the model to an app is precisely what researchers are working toward now.

 

Someone just emptied out a $1 billion Bitcoin wallet

A password-protected Bitcoin wallet with almost $1 billion in cryptocurrency has just been emptied out. Mystery surrounds this suspicious transaction and the party who finally managed to cash out the big fat amount. Was it the owner themselves, or did someone crack this wallet? On November 3rd, 2020 it had contained 69369.16628020 Bitcoins, which is roughly equal to $957 million. Overnight, the wallet balance mysteriously fell to a mere $1.38 after an entity cashed out the huge amount. Given the somewhat anonymous nature of blockchain transactions, it is hard to know just yet who is the beneficiary of this sum of money. This wallet draws attention particularly due to its association with hackers.

 

Leading toy maker Mattel hit by ransomware

Toy industry giant Mattel disclosed that it suffered a ransomware attack in July that impacted some of its business functions but did not lead to data theft. Mattel is the second-largest toymaker in the world with 24,000 employees and $5.7 billion in revenue for 2019. Mattel is known for its popular brands, including Barbie, Hot Wheels, Fisher-Price, American Girl, and Thomas & Friends. In a 10-Q form filed with the Securities and Exchange Commission (SEC), Mattel disclosed that it suffered a ransomware attack on July 28th, 2020. “On July 28, 2020, Mattel discovered that it was the victim of a ransomware attack on its information technology systems that caused data on a number of systems to be encrypted. Promptly upon detection of the attack, Mattel began enacting its response protocols and taking a series of measures to stop the attack and restore impacted systems. Mattel believes it has contained the attack and, although some business functions were temporarily impacted, Mattel was able to restore its critical operations,” the toymaker stated in its filing.

 

The death of the email attack ‘campaign’

Email remains a primary attack vector for a growing tide of online crime. When a cyber criminal tries to infiltrate your organization, steal your credentials, or part you from your money, the chances are that they’ll come calling via email first. According to the Darktrace 2020 Email Security Threat report, 94 per cent of attacks on business networks begin via this attack vector. And yet, the notion of the traditional email attack campaign is dying. Hackers are no longer using the same attack infrastructure to send thousands of emails across a period of several days. Such infrastructure, comprised of domains, IP addresses, and file hashes, is continuously being updated. According to Darktrace, the average lifecycle of an email attack has collapsed in the last two years from 2.1 days to 0.5 days. As this number tends towards zero, traditional security measures that rely on tracking ‘campaigns’ of similar attacks are becoming increasingly redundant.

 

Polls close on Election Day with no apparent cyber interference

“I think what you’re seeing more than anything is 3½ years of collaboration,” said Chris Krebs, the director of the Cybersecurity and Infrastructure Security Agency, or CISA, which is responsible for securing the country’s infrastructure cybersecurity. He touted the joint effort with agencies like the U.S. intelligence community and the Election Assistance Commission. “The 50 states are working together, sharing information,” Krebs said. “From where we came in 2016 to where we are, we have a much better game plan.” The relative success is a stark contrast from that election — before CISA existed in its current form or elections had been designated as critical infrastructure by the Department of Homeland Security — when Russian military intelligence hacked into one state and several county systems.

 

Expansion of landmark California data privacy law leading

Two years ago, California became the first state to pass a sweeping digital privacy law seen as the strongest of its kind in the United States. Early returns Tuesday showed a measure to refine and expand the law leading with 57% of more than 7 million votes counted. If approved, Proposition 24 would update a 2018 law that gave Californians the right to know what information companies collect about them online, the right to get that data deleted and the right to opt out of the sale of their personal information. The new measure would triple the fines for companies that violate kids’ privacy or break laws on the collection and sale of children’s private information. It would create a dedicated state agency to enforce the new law, with an annual budget of $10 million. It also aims to close some loopholes that proponents say companies like Facebook, Google and Spotify have exploited.
