AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 11/18/2019

1 – PrankDial.com Exposes 138 Million Records via Unprotected Database

Prank calling service “PrankDial.com” has exposed 138 million log records after leaving a database without password protection online for anyone to access. The discovery was made in October by Jeremiah Fowler of “Security Discovery”, who reported the incident to the company immediately. The platform secured the database on the same day, but the exposure could have led to theft of the sensitive data in the meantime. The researcher never received an official response from the company or any form of acknowledgment.

 

2 – Google’s silent Chrome experiment crashes thousands of browsers and angers IT admins

Google left thousands of machines in businesses with broken Chrome browsers this week, following a silent experimental change. Business users accessing Chrome through virtual machine environments like Citrix kept seeing white screens on open Chrome tabs, blocking access to the browser and leaving it totally unresponsive. It left many IT admins confused over the problem, as businesses typically manage and control Chrome updates. After complaints, Google was forced to reveal it had launched an “experiment” on stable versions of Chrome that had changed the browser’s behavior. The experiment was made silently, without IT admins or users being warned about Google’s changes.

 

3 – DDoS-for-Hire Services Owner Sentenced to 13 Months in Prison

Sergiy P. Usatyuk, the owner and admin of several DDoS-for-hire services also known as booters or stressers, was sentenced to 13 months in prison, to be followed by three years of supervised release. Booters are web-based platforms designed to allow cybercriminals, for a small fee or subscription, to launch distributed denial-of-service (DDoS) attacks against a target of their choice, leading to the victim’s servers being “booted” from the Internet. These types of attack tools are usually very cheap and allow anyone to hit online services, websites, or servers with a large-scale DDoS attack, and have become increasingly popular during the last five years.

 

4 – Lizard Squad Threatens UK’s Labour Leader with Cyberattacks Against His Family

Lizard Squad, the well-known hacktivist cybergang, is pledging to mount personal cyberattacks on Britain’s Labour Party leader, Jeremy Corbyn. As the UK continues to be roiled by Brexit debate ahead of a Dec. 12 general election, the Labour Party said on Tuesday that it had been targeted by a “sophisticated and large-scale” cyberattack bent on taking out its online presence with a distributed denial-of-service (DDoS) effort. Lizard Squad, which specializes in mounting DDoS attacks against high-profile targets, took responsibility for the attack. It tweeted out that “no terrorist-supporting government should be allowed to rule a country” – in a reference to leader Jeremy Corbyn’s views on Northern Ireland; politics-watchers say that Ulster is at the heart of the country’s inability to get a Brexit deal done.

 

5 – US Govt Recommends Vendor System Configs To Block Malware Attacks

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) today reminded users and system administrators to properly configure their systems to defend against malware that can exploit improper configurations. The reminder was published by the cyber-security agency through the US National Cyber Awareness System designed to provide users with information on current security topics and threats. “Protect yourself from unwanted—and potentially harmful—files or programs by adhering to vendor-recommended configurations for hardware and software,” CISA says.

 

6 – Disney+ Users Accounts Are Being Hacked & Sold Online

Many Disney+ users on social media are saying their accounts are showing unauthorized user profiles. When users log into their new Disney+ accounts, they’re finding strange names and extra profiles added to the account. Others have reported that their accounts have been hacked, with their contact email and password changed, blocking them from using their own account. It looks like account details are being found and sold. It seems that hackers are using spam emails warning that your Disney+ account has been locked or that your credit card needs to be updated, to trick Disney+ users into handing over their username and password. Once the hackers have the login info, they turn around and sell it online. Another common trick is taking usernames and passwords stolen from other sites and trying them on different streaming services to see if they also work there. If they do, they put them up for sale, sometimes for as little as $5 for a year of Disney+.

 

7 – Malware drive-by attack triggered Australia’s first cyber emergency

Cyber security experts took more than a week to eject the state-sponsored attacker from Parliament’s computing network after it was compromised by malware earlier this year, Senate President Scott Ryan has revealed. In answers to questions on notice to budget estimates hearings released on Thursday, Ryan said the malware infection occurred when a small number of the network’s 4000 users visited an unnamed website that itself had been compromised.

 

8 – Microsoft Shutting Down Cortana Apps For iOS and Android

Individuals who rely on iOS or Android Cortana apps will have to find a different option. On January 31, 2020, Microsoft will be shutting down the Cortana apps for iOS and Android. Instead of dedicated apps, Microsoft will be integrating Cortana into the Microsoft 365 productivity apps. As a result, any content created on Cortana, such as lists and reminders, will not be available on the iOS and Android versions, although it will be accessible via the Windows version. In addition, according to the Microsoft support article, “Cortana reminders, lists, and tasks are automatically synced to the Microsoft To Do app, which you can download to your phone for free.”

 

9 – The U.S. is urging a no vote on a Russian-led U.N. resolution calling for a global cybercrime treaty

The United States and its Western allies are urging opposition to a Russian-led resolution at the United Nations that they warn is a thinly veiled effort to create global norms that endorse state control of the Internet. The resolution, to be voted on Monday, would pave the way for a new global treaty on cybercrime. Though the resolution itself is worded innocuously, the United States, its allies and human rights groups see it as an opportunity for countries such as Russia and China to create a U.N.-approved standard that would permit the blocking of websites deemed critical of government authorities and the use of digital technologies to monitor dissidents.

 

10 – Microsoft hires ex-US Attorney General Eric Holder in facial recognition inquiry

Microsoft has hired former US Attorney General Eric Holder to investigate whether an Israeli company the tech giant invested in violated Microsoft’s ethics regarding facial recognition technology. Facial recognition tools made by the company, AnyVision, had reportedly been used to surveil Palestinians. A Microsoft spokesperson said in a statement Saturday that Holder’s team of former federal prosecutors “will move quickly, reviewing documents and conducting on the ground interviews with AnyVision employees and others to ensure a full and thorough investigation.”
