AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 11/12/2019

1 – BlueKeep Attacks Crash Systems Due to Meltdown Patch

The recent attacks exploiting the BlueKeep vulnerability to deliver cryptocurrency miners caused some systems to crash due to a Meltdown patch being deployed on the targeted machines. The BlueKeep vulnerability, officially tracked as CVE-2019-0708, affects Windows Remote Desktop Services (RDS) and it allows an unauthenticated attacker to execute arbitrary code by sending specially crafted Remote Desktop Protocol (RDP) requests. Microsoft released patches, including for unsupported versions of Windows, in May.


2 – DNA testing startup exposes customer info in data breach

Veritas Genetics, a DNA-testing startup, has become the latest company to fall victim to a security incident that exposed customer information. According to Bloomberg, the company said it recently became aware of an instance of unauthorized access involving a consumer-facing portal. While the portal did not contain genetic data or health records, details are very scarce at the moment. The company hasn’t disclosed the exact nature of the breach, the kind of information that was accessed, when it became aware of the incident, or how long the portal lay exposed.


3 – Italian police shut down darkweb Berlusconi market and arrested admins

Italian financial police “Guardia di Finanza” shut down the ‘Berlusconi market’ black market hosted on the Tor network and arrested three administrators. The site was managed by two individuals who go online under the nicknames “VladimirPutin”, with the role of administrator, and “EmmanuelMacron”, as moderator. The investigation started last May as part of what was dubbed the Darknet operation. The police were investigating the traffic and sale of narcotic substances and identified a vendor, known in the Dark Web environment as g00d00. During the operation, law enforcement agents seized 2.2 kg of drugs (cocaine, ketamine, MDMA) that were ready to be marketed on the black marketplaces, along with 163 ready-made ecstasy tablets and 78 stamps impregnated with LSD.


4 – Russian hacker to be extradited to U.S. from Israel, high court rules

The Israeli Supreme Court on Sunday rejected a Russian hacker’s petition and approved his extradition to the United States. Alexei Burkove was arrested in 2015 while visiting Israel and is wanted in the United States on suspicion of cyber crimes. Burkove’s fate is linked to that of an Israeli woman who was arrested in Russia in April. The woman, Nama Issachar, was arrested after police found 9 grams of cannabis in her luggage while she was traveling in the Moscow airport.


5 – UK Labour Party Hit With ‘Sophisticated and Large Scale’ Cyber Attack During Election Campaign

The UK Labour Party announced on Tuesday that it’s been hit with a “sophisticated and large scale” cyber attack on its digital platforms but suggested that all of its data was secure. “We have experienced a sophisticated and large scale cyber attack on Labour digital platforms,” a Labour Party spokesperson told Gizmodo via email. “We took swift action and these attempts failed due to our robust security systems. The integrity of all our platforms was maintained and we are confident that no data breach occurred.”


6 – CERTrating a new Tool to evaluate CERT/CSIRT maturity level

Cyber-attacks that have occurred in recent years have fully confirmed that cybersecurity is an increasingly complex challenge that represents a priority for all companies, both in terms of development and investments. In this complex context, CERTs certainly play a central role in companies’ security perimeter, but even more so in national scenarios. Computer Emergency Response Teams are one of the main protagonists and one of the first lines of defense in cybersecurity, identifying, preventing, responding to, resolving and combating any type of IT incident in order to protect corporate and national interests.


7 – Google signs healthcare data and cloud computing deal with Ascension

Alphabet Inc’s (GOOGL.O) Google has signed its biggest cloud computing customer in healthcare to date, in a deal giving it access to datasets that could help it tune potentially lucrative artificial intelligence (AI) tools. Google and Ascension, which operates 150 hospitals and more than 50 senior living facilities across the United States, said the healthcare provider would move some data and analytics tools in its facilities to Google’s servers. The deal was mentioned in Google’s July earnings call, but drew scrutiny on Monday after the Wall Street Journal reported that Google would gain personal health-related information of millions of Americans across 21 states.


8 – Retailer Orvis.com Leaked Hundreds of Internal Passwords on Pastebin

Orvis, a Vermont-based retailer that specializes in high-end fly fishing equipment and other sporting goods, leaked hundreds of internal passwords on Pastebin.com for several weeks last month, exposing credentials the company used to manage everything from firewalls and routers to administrator accounts and database servers, KrebsOnSecurity has learned. Orvis says the exposure was inadvertent, and that many of the credentials were already expired. Based in Sunderland, VT. and founded in 1856, privately-held Orvis is the oldest mail-order retailer in the United States. The company has approximately 1,700 employees, 69 retail stores and 10 outlets in the US, and 18 retail stores in the UK.


9 – Situation critical: Vodafone’s future in India in doubt after court ruling

Vodafone said its future in India could be in doubt unless the government stopped hitting operators with higher taxes and charges, after a court judgment over license fees resulted in a 1.9 billion euro group loss in its first half. Chief Executive Nick Read said India, where Vodafone formed a joint venture with Idea Cellular in 2018, had been “a very challenging situation for a long time”, but Vodafone Idea still had 300 million customers, equating to a 30% share of the sizable market. “Financially there’s been a heavy burden through unsupportive regulation, excessive taxes and on top of that we got the negative supreme court decision,” he said on Tuesday.


10 – Instagram Stories launches TikTok clone Reels in Brazil

Instagram is launching a video-music remix feature to finally fight back against Chinese social rival TikTok. Instagram Reels lets you make 15-second video clips set to music and share them as Stories, with the potential to go viral on a new Top Reels section of Explore. Just like TikTok, users can soundtrack their Reels with a huge catalog of music, or borrow the audio from anyone else’s video to create a remix of their meme or joke. Reels is launching today on iOS and Android but is limited to just Brazil, where it’s called Cenas.
