AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 11/20/2019

1 – Wikipedia co-founder offers a Facebook/Twitter wannabe

How much would you pay for a Facebook- or Twitter-like social network experience, but one in which you’re not tracked, your personal information and web history aren’t gobbled up, and you aren’t e-hounded by targeted ads? For those of us who haven’t already jumped the Facebook ship and might still be interested in relinquishing our roles as products, Wikipedia co-founder Jimmy Wales has set up a social media site called WT:Social that’s supported solely by donations. The cost, if you want to skip the waiting list: either $12.99/month or $100/year, or your willingness to share the invitation with friends, family and/or colleagues. Instead of funding the site with advertising, Wales is using Wikipedia’s model of relying on users’ donations.


2 – Cybercrime Booms As Scammers Hack Human Nature To Steal Billions

The secret to comedy, according to the old joke, is timing. The same is true of cybercrime. Mark learned this the hard way in 2017. He runs a real estate company in Seattle and asked us not to include his last name because of the possible repercussions for his business. “The idea that someone was effectively able to dupe you … is embarrassing,” he says. “We’re still kind of scratching our head over how it happened.” It started when someone hacked into his email conversation with a business partner. But the hackers didn’t take over the email accounts. Instead, they lurked, monitoring the conversation and waiting for an opportunity.


3 – Ransomware Bites 400 Veterinary Hospitals

National Veterinary Associates (NVA), a California company that owns more than 700 animal care facilities around the globe, is still working to recover from a ransomware attack late last month that affected more than half of those properties, separating many veterinary practices from their patient records, payment systems and practice management software. NVA says it expects to have all facilities fully back up and running normally within the next week. Agoura Hills, Calif.-based NVA bills itself as the largest private owner of freestanding veterinary hospitals in the United States. The company’s Web site says it currently owns roughly 700 veterinary hospitals and animal boarding facilities in the United States, Canada, Australia and New Zealand.


4 – Man who made $542,925 renting out DDoS services sentenced to prison

A 21-year-old man who made half a million dollars running DDoS-for-hire services has been sentenced to prison for 13 months. Between August 2015 and November 2017 Sergiy P. Usatyuk of Orland Park, Illinois, and a co-conspirator, operated a number of “booter” services that launched millions of distributed denial-of-service attacks that rendered websites slow or inaccessible. The illegal websites operated by Usatyuk had colourful names such as ExoStresser, QuezStresser, Betabooter, Databooter, Instabooter, Polystress, and Zstress. Despite their different names, the “booter” (sometimes known as “stresser”) services were all designed for the same purpose – to make it simple for cybercriminals to hire DDoS attacks that could swamp a targeted web server or computer with unwanted internet traffic, interrupting normal business operations and causing network downtime.


5 – National Tax Security Awareness Week is December 2–6

The Internal Revenue Service (IRS) has released an article announcing that National Tax Security Awareness Week will be held December 2–6. The annual recognition event will feature a series of resources and tips to help taxpayers and tax professionals protect their data and identities against identity theft. The Cybersecurity and Infrastructure Security Agency (CISA) encourages taxpayers, businesses, and tax professionals to review CISA’s Tip on Preventing and Responding to Identity Theft and IRS’s article on National Tax Security Awareness Week for details about new resources and the more than 25 tax security events being held across the country throughout the awareness week.


6 – Amazon uses aggregated seller data to help business, it tells lawmakers

Amazon.com Inc uses “aggregated data” from sellers in its third-party marketplace to improve its overall business, the online retailer said in response to a congressional antitrust probe that could raise concerns with such sellers. Such data, also culled from public sources and Amazon’s first-party sales, is available to the company’s retail and private brand teams, it said in an Oct. 11 document released by the U.S. House of Representatives Judiciary Committee on Tuesday. The panel, which is investigating potential breaches of antitrust law by big technology companies, also made public the responses from Facebook Inc, Alphabet Inc’s Google and Apple Inc.


7 – Google Confirms Android Camera Security Threat: ‘Hundreds Of Millions’ Of Users Affected

The security research team at Checkmarx has made something of a habit of uncovering alarming vulnerabilities, with past disclosures covering Amazon’s Alexa and Tinder. However, a discovery of vulnerabilities affecting Google and Samsung smartphones, with the potential to impact hundreds of millions of Android users, is the biggest to date. What did the researchers discover? Oh, only a way for an attacker to take control of smartphone camera apps and remotely take photos, record video, spy on your conversations by recording them as you lift the phone to your ear, identify your location, and more. All of this performed silently, in the background, with the user none the wiser.


8 – Senators want Zuckerberg to explain why Facebook still tracks your location even when you ask it not to

Two senators are asking Facebook to “respect” users’ decisions to keep their location data from the company. In a letter sent Tuesday, Sen. Josh Hawley, R-Mo., and Sen. Chris Coons, D-Del., asked Facebook CEO Mark Zuckerberg to respond to questions about how the company collects location data through the new operating systems for Apple’s iPhones and Google’s Android. Both Google and Apple updated their operating systems earlier this year to give users more control and insight into which apps can access their location data. Anticipating those changes, Facebook released a blog post in September explaining that even if users opt out of letting Facebook collect their data, it could still determine users’ locations in other ways, like through check-ins and users’ internet connections.


9 – Iran’s Internet Has Been Shut Off For 4 Days and No One Knows When It’s Coming Back

The government of Iran shut off the internet for virtually everyone in the country on Saturday as protests over fuel prices turned violent. The internet in Iran has now been inaccessible to the general population of 81 million for almost four days, and it’s not clear when the government will turn it back on. “The ongoing disruption is the most severe recorded in Iran since President Rouhani came to power, and the most severe disconnection tracked by NetBlocks in any country in terms of its technical complexity and breadth,” according to NetBlocks, an internet freedom advocacy organization.


10 – Cryptocurrency Stealer Delivered From Official Monero Website

The official website for the Monero cryptocurrency was hacked recently and attackers replaced legitimate wallet files offered for download with a malicious version. The breach was discovered on November 18 after someone noticed that the hashes for the Linux CLI wallet available for download on getmonero.org did not match the hashes provided by the software’s developers. An investigation revealed that some of the legitimate wallet files had been replaced with a malicious version. Fortunately, the malicious files were not available for download for very long, but at least one user claimed that their wallet was drained after downloading a manipulated file.
