AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 11/16/2022

Twitter Users Warn Others Using Two-Factor Authentication Not To Sign Out As 2FA Texts Aren’t Arriving

Elon Musk’s acquisition of Twitter has proven controversial, confusing, amusing, and sometimes even frustrating. This week appears to be falling in the frustrating category, as some users are warning others that they’ve encountered a bug that is locking them out of their accounts. The claims have surfaced amid concerns about Twitter’s drastically reduced workforce and the ways Musk went about laying off around half of the company’s employees — something said to not only have been a confusing mess, but also one that left the company having to ask some people to come back.

 

Almost 50% of macOS malware comes from this one source

Elastic Security Labs is out with its inaugural report on software threats in 2022. Interesting findings include how the total amount of malware discovered breaks down by operating system, the most popular type of malware overall, and specifically the most used malware on Mac. Elastic Security Labs shared the 40-page security report this morning with much of it focusing on Windows and Linux malware. That makes sense given the vast majority found are aimed at those operating systems. When it comes to the percentage of malware by OS, 54.4% of it was found on Windows, 39.4% was on Linux, and just 6.2% was found on macOS.

 

FBI director say he’s ‘extremely concerned’ about China’s ability to weaponize TikTok

FBI Director Christopher Wray told Congress on Tuesday he is “extremely concerned” that Beijing could weaponize data collected through TikTok, the wildly popular app owned by the Chinese company ByteDance. Wray said during a House Homeland Security Committee hearing on worldwide threats that application programming interfaces, or APIs, that ByteDance embeds in TikTok are a national security concern since Beijing could use them to “control data collection of millions of users or control the recommendation algorithm, which can be used for influence operations.” In his opening remarks, Wray noted that while America faces cyberthreats from a variety of nations, “China’s fast hacking program is the world’s largest, and they have stolen more of Americans’ personal and business data than every other nation combined.”

 

Euro Authorities Warn World Cup Fans Over Qatari Apps

European privacy experts have warned FIFA World Cup attendees that their personal data may be at risk if they download two local tracking apps. The two apps in question are contract-tracing software Ehteraz, which football fans may be asked to download if they’re forced to visit healthcare facilities during their stay in Qatar, and official World Cup app Hayya. The latter functions as a fan ID app that may be needed to gain entry into stadiums. However, concerns have been raised that it also tracks device location and network connections, even preventing devices from going into sleep mode. With 1.5 million fans expected to travel to the tiny Gulf state, several European governments have issued advice to mitigate privacy and security concerns.

 

Microsoft, Meta and others face rising drought risk to their data centers

Drought conditions are worsening in the U.S., and that is having an outsized impact on the real estate that houses the internet. Data centers generate massive amounts of heat through their servers because of the enormous amount of power they use. Water is the cheapest and most common method used to cool the centers. In just one day, the average data center could use 300,000 gallons of water to cool itself — the same water consumption as 100,000 homes, according to researchers at Virginia Tech who also estimated that one in five data centers draws water from stressed watersheds mostly in the west. “There is, without a doubt, risk if you’re dependent on water,” said Kyle Myers, vice president of environmental health, safety & sustainability at CyrusOne, which owns and operates over 40 data centers in North America, Europe, and South America. “These data centers are set up to operate 20 years, so what is it going to look like in 2040 here, right?”

Related Posts