AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 11/22/2019

1 – Midwest Gets First Cybercrime-Fighting Dog

Police in Nebraska have recruited a highly trained dog to assist them in the fight against cybercrime. Two-year-old black Labrador Quinn has joined the Bellevue Police Department as the Midwest’s first-ever electronic storage device K-9 officer. Unlike most sniffer dogs, who are taught to detect drugs, Officer Quinn has been specially trained to sniff out a particular chemical used in electronic devices like SIM cards, cell phones, and micro SD cards. “Her sole purpose is electronics detection,” said Quinn’s partner, cybercrimes detective Roy Howell. 


2 – Pennsylvania Supreme Court Rules Police Can’t Force You to Tell Them Your Password

The Pennsylvania Supreme Court issued a forceful opinion today holding that the Fifth Amendment to the U.S. Constitution protects individuals from being forced to disclose the passcode to their devices to the police. In a 4-3 decision in Commonwealth v. Davis, the court found that disclosing a password is “testimony” protected by the Fifth Amendment’s privilege against self-incrimination. EFF filed an amicus brief in Davis, and we were gratified that the court’s opinion closely parallels our arguments. The Fifth Amendment privilege prohibits the government from coercing a confession or forcing a suspect to lead police to incriminating evidence. We argue that unlocking and decrypting a smartphone or computer is the modern equivalent of these forms of self-incrimination.


3 – Dynamic email in Gmail launches on Android and iOS

Following a preview last February, Google launched its AMP for Email project into general availability, allowing companies to imbue their emails with interactive and engaging web-like experiences. Gmail on the web natively supported the new dynamic emails format at launch, but the Gmail app for Android and iOS didn’t — until today. Google this morning announced that Gmail on Android and iOS will support dynamic mail starting on November 21. That date’s for G Suite domains  — some Gmail users might see it sooner. Admins won’t need to activate the feature within their console before dynamic emails will show up — it’s on by default — but users who access Gmail through a third-party mail app that doesn’t support AMP will be served a static version of the email.


4 – Hackers leak 2TB of Data From Cayman National Bank stolen by Phineas Fisher

The Cayman Islands are a fiscal paradise that attracts money of questionable origin from all over the world, for this reason, the content of a new data leak is scaring the global finance. The Cayman National has a branch on the Isle of Man that focuses in offshore banking. Hackers that go online with the handle Distributed Denial of Secrets have published 2TB of confidential data belonging to the Cayman National bank. The Distributed Denial of Secrets group started releasing the materials on Saturday, it claimed that documents leaked contain evidence of money laundering by Russian oligarchs and other important people worldwide.


5 – Slack accuses Microsoft of ripping off its ads

Slack is accusing Microsoft of ripping off its ads. In a tweet posted by Slack today, the chat company makes a clear comparison between its own Frontiers video from earlier this year and Microsoft’s latest Teams promotional video from earlier this week. Both feature virtual colorful balls that are supposed to represent communication. Slack even hits Microsoft with the “ok boomer” meme to add insult to injury, mocking Microsoft for supposedly being old and out of touch. Microsoft revealed its latest promotional video earlier this week, alongside an announcement that its Teams app is now being actively used by 20 million people daily. That’s a massive jump from the 13 million daily users the company reported back in July, and it’s almost double Slack’s user count of 12 million that it reported last month.


6 – Apple removes customer reviews from its online store

Apple has removed customer reviews from its online store, as first reported by AppleInsider, and we’ve confirmed this to be the case. AppleInsider got a tip from a reader that the reviews had been removed from the US, UK, and Australian Apple Stores (which we have also confirmed).If you want to see the changes for yourself, you can look at the Wayback Machine archives for the original Apple Pencil for November 16th and November 17th, as found by AppleInsider. On the November 17th capture, you can see that the “Ratings & Reviews” section is gone.


7 – U.S. senators urge Trump administration to halt Huawei license approvals

A bipartisan group of 15 U.S. senators urged the Commerce Department to suspend issuing licenses to U.S. firms that conduct business with China’s Huawei Technologies Co, saying it could threaten U.S. security. HWT.UL. In a letter on Thursday to President Donald Trump, the senators said the administration should halt issuing licenses until the administration provides Congress “a report outlining specific criteria for determining whether or not the approval of any license poses a national security threat.” The Trump administration on Wednesday said it had begun issuing licenses to allow some suppliers to restart sales to the Chinese telecoms giant after it was placed on a trade blacklist because of national security concerns six months ago.


8 – Salesforce teases its emerging AI capabilities

Since introducing its Einstein AI platform a few years ago, Salesforce has built AI into more and more of its tools. At this year’s Dreamforce conference, for instance, the CRM giant announced new tools for customizing voice assistants and for incorporating AI into contact centers. The new capabilities showcase how Salesforce is progressively making work easier for its customers — albeit in incremental steps. To give Dreamforce attendees a more forward-looking glimpse into its product capabilities, the Salesforce Research team demonstrated some of its breakthroughs in areas like conversational AI and natural language generation. Their research is focused on building an AI-driven world so far only found in sci-fi, said Salesforce Chief Scientist Dr. Richard Socher.


9 – Amazon tells senators it isn’t to blame for Capital One breach

Amazon is pushing back against two lawmakers who’ve called out the company over security concerns after a hacker broke into a cloud server it hosted and stole millions of people’s data from Capital One. Disclosed in July, the Capital One breach allegedly involved a former Amazon Web Services (AWS) systems engineer, who, according to the Department of Justice, took advantage of the banking giant’s misconfigured firewall. In October, Sens. Elizabeth Warren and Ron Wyden called on the Federal Trade Commission to investigate whether Amazon was negligent in protecting the server it rented to Capital One. 


10 – Edenred Payment Solutions Giant Announces Malware Incident

Payment solutions giant Edenred today revealed in a statement that a malware incident affected an undisclosed number of its computing systems leading to an investigation for establishing the extent of the infection. Edenred operates an intermediation platform spanning across 46 countries and connecting of 50 million employees and 2 million partner merchants via 830,000 corporate clients. In 2018, the French group managed 2.5 billion specific purpose payment transactions representing roughly €30 billion in business volume, transactions carried out via cards, mobile apps, and online platforms.

Related Posts