AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 11/07/2019

1 – LA is fast becoming a fintech hub as HMBradley launches another West Coast challenger bank

Add HMBradley to the list of Los Angeles-based startups looking to shake up the world of high finance typically dominated by East Coast giants with names like JPMorgan Chase, Citigroup, Morgan Stanley, and Goldman Sachs. The new Santa Monica, Calif.-based bank joins companies like Aspiration and Acorns in trying to offer consumers new ways to manage their finances. Founded by a team of fintech veterans and backed by PayPal founder Max Levchin, HMBradley got its start in Levchin’s HVF Labs, a San Francisco-based venture studio.


2 – Trend Micro reveals that customer data was illegally sold following inside-job ‘security incident’

Security firm Trend Micro has revealed details of an inside scam which led to personal details of its customers being exposed. The security incident dates back to August this year, and the company says that it was made aware of customers being contacted by fake Trend Micro support staff. Following an investigation lasting until the end of October, it was determined that it was a member of staff that had fraudulently gained access to a customer database and sold personal data to a third party. Trend Micro says that the employee was able to access names, email addresses, support ticket numbers and telephone numbers, stressing that it was an inside job and not an external hack.


3 – Anonymous and LulzSecITA hacked professional orders and telephone operator Lyca Mobile

The Million Mask March, also known as “Operation Vendetta”, is a worldwide protest associated with the hacktivist group Anonymous, occurring annually on Guy Fawkes Day, the 5th of November. The motivations for the protests vary; they include corruption in politics, demilitarization, police violence, and environmental activism. Italian hacktivists claim to have hacked the Chamber of Deputies, the prefecture of Naples, the order of the lawyers of Arezzo, Grosseto and Perugia, the Environment Agency in the Abruzzo and Puglia regions and many other sites. The popular group of Italian hacktivists LulzSecITA also joined the protest and hacked the Italian site of the telephone company Lyca Mobile.


4 – Chinese APT group Calypso hacked state institutions in six countries

A Chinese-speaking APT group, Calypso, has actively been targeting state institutions in six countries, hacking systems and injecting a program to gain access to internal networks, according to a report from researchers at Positive Technologies Expert Security Center. The researchers found the hackers either exploited a remote code execution vulnerability, MS17-010, or used stolen credentials. “These attacks succeeded largely because most of the utilities the group uses to move inside the network are widely used by the specialists everywhere for network administration,” said Denis Kuvshinov, lead specialist in threat analysis at Positive Technologies. “The group used publicly available utilities and exploit tools, such as SysInternals, Mimikatz and EternalRomance. Using these widely available tools, the attackers infected computers on the organization’s LAN and stole confidential data.”


5 – Europe’s banks must brace for coming digital storm

Low profitability at European banks just when they need to invest to stay competitive in the digital era risks triggering a vicious circle of underinvestment and further poor performance, said Germany’s nominee to the board of the European Central Bank. Isabel Schnabel, a prominent economist, is set to take Germany’s slot on the board of the euro zone central bank, where she will succeed Sabine Lautenschlaeger, who resigned amid discord over the ECB’s dovish fiscal policy. Speaking in Berlin on Wednesday, Schnabel warned that low profitability could end up becoming a financial stability issue for the euro zone. Though she has yet to be formally confirmed for the board seat, Schnabel is the only candidate.


6 – U.S. government sees no evidence of hacking in Tuesday’s elections

Voting in U.S. state and local elections on Tuesday showed no evidence of successful tampering by any foreign government, the Justice Department and six U.S. security agencies said. But Russia, China, Iran and other adversaries of the United States will seek to meddle in U.S. elections moving forward, including through social media manipulation and cyberattacks, the agencies said. “While at this time we have no evidence of a compromise or disruption to election infrastructure that would enable adversaries to prevent voting, change vote counts or disrupt the ability to tally votes, we continue to vigilantly monitor any threats to U.S. elections,” a joint statement, signed by the heads of each agency, said.


7 – Shopping Online Securely

The holiday season is nearing for many of us and soon millions of people will be looking to buy the perfect gifts. Many of us will shop online in search of great deals and to avoid noisy crowds. Unfortunately, cyber criminals will be active as well, creating fake shopping websites and using other tactics to scam people. In this newsletter, we explain how you can shop online safely and avoid becoming a victim. Cyber criminals create fake online stores that mimic the look of real sites or that use the names of well-known stores or brands. 


8 – Leaked documents show Facebook leveraged user data to fight rivals and help friends

This trove comprises approximately 7,000 pages in total, of which about 4,000 are internal Facebook communications such as emails, web chats, notes, presentations and spreadsheets, primarily from 2011 to 2015. About 1,200 pages are marked as “highly confidential.” Taken together, they show how Zuckerberg, along with his board and management team, found ways to tap Facebook users’ data — including information about friends, relationships and photos — as leverage over the companies it partnered with. In some cases, Facebook would reward partners by giving them preferential access to certain types of user data while denying the same access to rival companies.


9 – Undercover at a Troll Farm

We all have heard about troll farms. However, much of the reporting about bots and trolls is just speculation. To find out what is really involved, our reporter went undercover to work as a troll for six months at a troll farm in Wroclaw. This report gives insights about a commercial company that turned the spreading of hate and propaganda into their business model.


10 – Targeted Ransomware Attacks Hit Several Spanish Companies

Everis, one of the largest IT consulting companies in Spain, suffered a targeted ransomware attack on Monday, forcing the company to shut down all its computer systems until the issue gets resolved completely. Ransomware is a computer virus that encrypts files on an infected system until a ransom is paid. According to several local media, Everis informed its employees about the devastating widespread ransomware attack, saying: “We are suffering a massive virus attack on the Everis network. Please keep the PCs off. The network has been disconnected with clients and between offices. We will keep you updated.” “Please, urgently transfer the message directly to your teams and colleagues due to standard communication problems.”


11 – Google Enlists Outside Help to Clean Up Android’s Malware Mess

Today Google is announcing a partnership with three antivirus firms—ESET, Lookout, and Zimperium—to create an App Defense Alliance. All three companies have done extensive Android malware research over the years, and have existing relationships with Google to report problems they find. But now they’ll use their scanning and threat detection tools to evaluate new Google Play submissions before the apps go live—with the goal of catching more malware before it hits the Play Store in the first place.
