AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 11/09/2020

What to do with old online accounts you don’t use anymore?

Chances are you have old online accounts that you haven’t used for a long time, maybe years. I know I do. I talked to the digital security experts at Sophos, and they say the smart move is to delete these old accounts. “Those old accounts may not seem like they have much value to you, but criminals have been passing around those old passwords and keeping track of a lot of those accounts,” said Chester Wisniewski, a principal research scientist at Sophos. “They could be used to send spam or to send private messages on forums or Facebook or other things like that to your family members and friends to scam them under your own name.” Chances are the old passwords on those unused accounts are weak ones. If you can remember other places you used them, this is a good opportunity to generate some new and secure ones.

Company forced to change name that could be used to hack websites

Companies House has forced a company to change its name after it belatedly realised it could pose a security risk. The company now legally known as “THAT COMPANY WHOSE NAME USED TO CONTAIN HTML SCRIPT TAGS LTD” was set up by a British software engineer, who says he did it purely because he thought it would be “a fun playful name” for his consulting business. He now says he didn’t realise that Companies House was actually vulnerable to the extremely simple technique he used, known as “cross-site scripting”, which allows an attacker to run code from one website on another. The director of the company, who asked not to be named, told the Guardian: “Government Digital Service – GDS – have a good reputation for security, and other companies with similarly playful names have been registered in the past, so I thought there probably wouldn’t be a problem.

Your Zoom calls could be hacked by…watching your shoulders

Hackers could be able to guess your passwords and much more by analysing your body position whilst on a video conferencing call, experts have claimed. The way people move their shoulders when typing on Zoom calls can betray what keys they are pressing, allowing hackers to potentially identify specific entries, according to researchers from the University of Texas at San Antonio. The team found that when analysing clips of upper arm movements, they could reconstruct the keys people had pressed in Zoom with around 93% accuracy – with Skype and Google Hangouts (now Google Chat) also affected. “From a high-level perspective, this is a concern, which obviously has been overlooked for a while,” report author and assistant professor of computer science at the University of Texas at San Antonio Murtuza Jadliwala said.

Should we be worried about self-learning malware?

Could we be just a few years away from self-learning malware being a credible threat to businesses? According to CCS Insight, the answer is yes. In its predictions for 2021 and beyond, the analyst firm forecast that self-learning malware will cause a major security breach on or before 2024. Self-learning, adaptive malware isn’t something new, but to date has been largely confined to lab environments and hackathons. Some of the earliest examples of self-propagating malware were able to ‘learn’ about their environment. For example, the Morris Worm of 1988 learnt of other computers to compromise from the systems that it infected, notes Martin Lee, a member of the Institution of Engineering and Technology’s (IET) Cybersecurity and Safety Committee and a Cisco employee. “It was also aware if it was re-infecting a system that had already been infected, and would refuse to run, most of the time, if it learnt another copy of itself was already present.”

Social Engineering Attacks

A common misconception about cyber attackers is that they use only highly advanced tools and techniques to hack into people’s computers or accounts. Cyber attackers have learned that the easiest way to steal your information, hack your accounts, or infect your systems is by simply tricking you into doing it for them using a technique called social engineering. Let’s learn how these attacks work and what you can do to protect yourself. Social engineering is a psychological attack where an attacker tricks you into doing something you should not do through various manipulation techniques. Think of scammers or con artists; it is the same idea. However, today’s technology makes it much easier for any attacker, from anywhere in the world, to pretend to be anything or anyone they want and target anyone around the world, including you.

Hotels.com, Expedia provider exposed data for millions of guests

The hotel industry now has a potentially serious security headache on its hands alongside the pandemic. Website Planet reports that Prestige Software, the company behind hotel reservation platforms for Hotels.com, Booking.com and Expedia, left data exposed for “millions” of guests on an Amazon Web Services S3 bucket. The 10 million-plus log files dated as far back as 2013 and included names, credit card details, ID numbers and reservation details. It’s not certain how long the data was left open, or if anyone took the data. Website Planet said the hole was closed a day after telling AWS about the exposure. Prestige confirmed that it owned the data. The damage could be severe if crooks found the data. WP warned that it could lead to all too common risks with hotel data exposures like credit card fraud, identity theft and phishing scams. Perpetrators could even hijack a reservation to steal someone else’s vacation. Full report here.
