AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 11/15/2022

Australia to ‘stand up and punch back’ against cyber crims

Australia’s government has declared the nation is planning to go on the offensive against international cyber crooks following recent high-profile attacks on local health insurer Medibank and telco Optus. The aggressive posture was expressed in the announcement of a “Joint standing operation” that will see the Australian Federal Police and the Australian Signals Directorate (Australia’s GCHQ/NSA analog) run a team with a mission “to investigate, target and disrupt cyber-criminal syndicates with a priority on ransomware threat groups.” Minister for Home Affairs and Cyber Security Clare O’Neil said the operation will “scour the world, hunt down the criminal syndicates and gangs who are targeting Australia in cyber-attacks, and disrupt their efforts.”


Over 15,000 WordPress Sites Compromised in Malicious SEO Campaign

A new malicious campaign has compromised over 15,000 WordPress websites in an attempt to redirect visitors to bogus Q&A portals. “These malicious redirects appear to be designed to increase the authority of the attacker’s sites for search engines,” Sucuri researcher Ben Martin said in a report published last week, calling it a “clever black hat SEO trick.” The search engine poisoning technique is designed to promote a “handful of fake low quality Q&A sites” that share similar website-building templates and are operated by the same threat actor.


Russian Code Found in US Army, CDC Apps

A Russian company offering data processing services for apps has deceived many international companies by presenting itself as a US entity. The company is called Pushwoosh Inc., and its Russian origins were uncovered by Reuters. A quick check of Pushwoosh’s social media channels reveals a company claiming to be located in Washington, D.C. on Twitter, and Maryland on Facebook and LinkedIn. On the company’s YouTube channel it boasts of 80,000 clients including Unilever, Deloitte, Coca-Cola, McDonald’s, FIBA, Sport1, and SPAR. US regulatory filings by the company, including eight annual filings made in Delaware, don’t mention Russia. It has also been confirmed that Pushwoosh’s founder, Max Konev, is using the email address of a friend based in Maryland to handle business correspondence.


Google agrees to pay nearly $392 million in a record privacy settlement

Search giant Google has agreed to a $391.5-million settlement with 40 states to resolve an investigation into how the company tracked users’ locations, state attorneys general announced Monday. The investigation by the states, which officials said was spurred by a 2018 Associated Press story, found that Google continued to track people’s location data even after they opted out of such tracking. The attorneys general called the settlement a historic win for consumers, and the largest multistate settlement in U.S. history dealing with privacy.


GitHub sets up private vulnerability reports for public repos to avoid ‘naming and shaming’

GitHub is offering a scheme for security researchers to privately report vulnerabilities found in public repositories. Being able to privately report code flaws is important to researchers who are often left with choices that can lead to more security problems, GitHub said in a blog post. “Security researchers often feel responsible for alerting users to a vulnerability that could be exploited,” the company wrote. “If there are no clear instructions about contacting maintainers of the repository containing the vulnerability, security researchers may have no other choice but to post about the vulnerability on social media, send direct messages to the maintainer, or even create public issues.” Such options “can potentially lead to a public disclosure of the vulnerability details,” according to GitHub.
