AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 11/17/2020

Scams Ramp Up Ahead of Black Friday Cybercriminal Craze

The number of online holiday shoppers this year is expected to skyrocket due to the pandemic – and consequently, consumers can expect an onslaught of scams, phishing attacks and other malicious activities. The risk of infection is driving consumers to shop from the safety of their homes, rather than venture out into stores. In fact, a recent study revealed that 62 percent of consumers shop more online now than before COVID-19. From a cybercriminal perspective, this skyrocketing level of online shoppers translates to more potential victims. Hackers are looking to cash in on the top shopping days in the U.S. – Black Friday and Cyber Monday – as well as other events, like Singles’ Day, which recently occurred this week in China.


North Korean, Russian hackers target COVID-19 researchers

Hackers working for the Russian and North Korean governments have targeted more than half a dozen organizations involved in COVID-19 treatment and vaccine research around the globe, Microsoft said on Friday. The software company said a Russian hacking group commonly nicknamed “Fancy Bear” – along with a pair of North Korean actors dubbed “Zinc” and “Cerium” by Microsoft – were implicated in recent attempts to break into the networks of seven pharmaceutical companies and vaccine researchers in Canada, France, India, South Korea, and the United States. Microsoft said the majority of the targets were organizations that were in the process of testing COVID-19 vaccines. Most of the break-in attempts failed but an unspecified number succeeded, it added.


Facebook, Twitter CEOs to testify before the Senate: How to watch Tuesday

Facebook CEO Mark Zuckerberg and Twitter CEO Jack Dorsey are becoming familiar faces on Capitol Hill. On Tuesday, the pair of social media bosses are scheduled to visit with senators to discuss how they make choices when monitoring content on their sites. The virtual hearing marks the second time Zuckerberg and Dorsey are to appear before lawmakers in less than a month. The new proceedings come as lawmakers ramp up scrutiny of Big Tech, a development that will likely continue under the Biden administration. Legislators and regulators are concerned over the power tech companies have and how it might ultimately harm consumers.


Apple responds to privacy concerns over Mac software security process

Last week, a number of Mac users had trouble opening apps — a problem that seemed to be caused by an Apple security protocol responsible for checking that software comes from trusted sources. The slow-down prompted some to criticize Apple for collecting too much information about users’ activities; criticism which the company has now responded to with promises that it will change how these security protocols work in future. Apple announced the changes via its support pages, adding a new “Privacy protections” section to a page entitled “Safely open apps on your Mac” (as spotted by iPhone in Canada). Apple says a service known as Gatekeeper “performs online checks to verify if an app contains known malware and whether the developer’s signing certificate is revoked.” It goes on to clarify how Apple currently uses the data, and outlines new safeguards that are being introduced over the next year.


Doctor Who’s sonic pioneers to turn internet into giant musical instrument

The Radiophonic Workshop has always broken new sonic ground, from the Doctor Who theme to the Hitchhiker’s Guide to the Galaxy. Now they’re at it again – this time using the internet as a musical instrument. A performance of Latency will take place at a special online event on 22 November using a technique inspired by lockdown Zoom calls. The band includes composers from the original BBC Radiophonic Workshop, which created soundtracks for most BBC shows from the 60s to the 90s and influenced generations of musicians from Paul McCartney, Pink Floyd and Mike Oldfield to Aphex Twin, Orbital and Mary Epworth. “The idea [of playing the internet] reflected our time,” said workshop member Peter Howell. “We’re all subject to the internet now in a way that we never thought we would be. And Bob and Paddy came up with an idea that is literally using what we’re all relying on for a creative purpose, using something that we’ve all taken for granted but in an artistic way.”


macOS Big Sur Update Bricking Some Older MacBook Pro Models

A large number of late 2013 and mid 2014 13-inch MacBook Pro owners are reporting that the macOS Big Sur update is bricking their machines. A MacRumors forum thread contains a significant number of users reporting the issue, and similar problems are being reported across Reddit and the Apple Support Communities, suggesting the problem is widespread. Users are reporting that during the course of updating to macOS Big Sur, their machines are stuck displaying a black screen. Key reset combinations, including NVRAM, SMC, safe mode, and internet recovery, are all reportedly inaccessible after attempting to install the update, leaving no way to bypass the static black screen. It appears that the overwhelming number of users experiencing problems are owners of the late 2013 and mid 2014 13-inch MacBook Pro, but it is unclear exactly how many users of these models have been affected. It is also of note that these are the oldest models supported by macOS Big Sur.


Cold storage giant Americold hit by cyberattack, services impacted

Cold storage giant Americold is currently dealing with a cyberattack impacting their operations, including phone systems, email, inventory management, and order fulfillment. Americold is a leading temperature-controlled warehouse operator that offers supply-chain services and inventory management for retailers, food service providers, and producers. Americold manages 183 warehouses worldwide and has approximately 13,000 employees. While Americold has not provided details on the attack, numerous sources have told BleepingComputer that it was a ransomware attack. The ransomware operation behind the attack is unknown at this time. With COVID-19 vaccines gearing up for FDA approval and distribution, cold storage facilities will be necessary for long-term storage.
