AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 12/10/2019

1 – Britain investigating whether leaked trade papers were hacked

British cyber security officials are investigating whether classified UK-U.S. trade documents that were shared online ahead of Thursday’s election were acquired by hacking or were leaked, two sources told Reuters.  Beside the fears that Russia could be meddling in another Western election, the disclosure of the classified documents has raised questions about the security of sensitive discussions between the United States and one of its closest allies. Britain’s opposition Labour Party seized on the documents, saying they showed Prime Minister Boris Johnson’s Conservatives were plotting to sell off parts of the state-run National Health Service (NHS) in trade talks with U.S. President Donald Trump.


2 – Over 750,000 applications for US birth certificate copies exposed online

An online company that allows users to obtain a copy of their birth and death certificates from U.S. state governments has exposed a massive cache of applications — including their personal information. More than 752,000 applications for copies of birth certificates were found on an Amazon Web Services (AWS) storage bucket. (The bucket also had 90,400 death certificate applications, but these could not be accessed or downloaded.) The bucket wasn’t protected with a password, allowing anyone who knew the easy-to-guess web address access to the data.


3 – Possible APT attacks against Ukraine expand to target journalists, researchers say

A suspected Russian hacking campaign that’s resulted in attacks against Ukrainian military and government agencies also has affected journalists, law enforcement and nongovernmental organizations, according to new findings. Gamaredon, a hacking group that has been active since 2013 and mostly haunted Ukrainian government targets, has broadened its reach within that country, the threat intelligence company Anomali said in research published Dec. 5. Anomali did not identify any Gamaredon targets by name, other than the Ministry of Foreign Affairs, and said it remains unclear if attackers successfully have breached the targeted people and organizations.


4 – Cyberattack cripples city of Pensacola, officials not sure if personal data was exposed

An ongoing cyberattack has crippled the city of Pensacola’s computer communication systems, and officials are working to determine whether personal data has been compromised. “The city of Pensacola is experiencing a cyberattack that began this weekend that is impacting our city network, including phones and email at City Hall and some of our other buildings,” Pensacola Mayor Grover Robinson said at his weekly press conference on Monday morning. The cyberattack began just after 1:45 a.m. Saturday and has continued since then, city officials said Monday. Robinson said officials did not know if the attack was connected in any way to the deadly shooting at NAS Pensacola on Friday morning.


5 – 2.7 billion email addresses exposed online, more than 1 billion of them include passwords

A huge database of more than 2.7 billion email addresses was left exposed on the web, accessible to anyone with a web browser. More than one billion of those records also contained a plain-text password associated with the email address. Comparitech collaborated with security researcher Bob Diachenko to uncover the database on December 4, 2019. Although the database owner was not identified, Diachenko immediately alerted the US ISP that hosted the IP address to take it down. The vast majority of emails were from Chinese domains including qq.com, 139.com, 126.com, gfan.com, and game.sohu.com. Those domains belong to some of China’s biggest internet companies including Tencent, Sina, Sohu, and NetEase.


6 – China 3-5-2 directive orders state offices to remove foreign hardware and software

Officials from the Beijing government ordered all government offices and public institutions to replace foreign hardware and software with Chinese solutions within the next three years. The Government has issued a directive, tracked as “3-5-2,” to public institutions earlier this spring that includes the details for the replacement. The directive will have a significant impact on major U.S. firms including Dell, HP, and Microsoft. “Beijing has ordered all government offices and public institutions to remove foreign computer equipment and software within three years, in a potential blow to the likes of HP, Dell and Microsoft.” reported the Financial Times.


7 – Snapchat launching deepfake ‘Cameo’ feature this month for editing your face into GIFs

Snapchat is taking its filters and face tracking features to the next level later this month. TechCrunch reports that Snapchat will launch a new “Cameos” feature on December 18, allowing users to replace the faces in videos with their own. The Snapchat Cameo feature is described as a “simplified way to deepfake you into GIFs,” building upon Snapchat’s popular Bitmoji feature. Snapchat Cameo is the latest advancement of Snapchat’s facial recognition and face tracking features. The company hopes to use these features, along with its augmented reality platform, as a way to set itself apart from the likes of Instagram, Facebook, and WhatsApp.


8 – Apple has ‘deep concerns’ that ex-employees accused of theft will flee to China

Apple Inc on Monday told a federal court it has “deep concerns” that two Chinese-born former employees accused of stealing trade secrets from the company will try to flee before their trials if their locations are not monitored.  At a hearing in U.S. District Court for the Northern District of California, prosecutors argued that Xiaolang Zhang and Jizhong Chen should continue to be monitored because they present flight risks. Federal prosecutors alleged Zhang worked on Apple’s secretive self-driving car program and took files related to the project before disclosing that he was going to work for a Chinese competitor. Federal agents arrested Zhang last year at the San Jose airport as he was about to board a flight for China.


9 – A DNA Firm That Caters to Police Just Bought a Genealogy Site

On Monday afternoon, GEDmatch announced it was being taken over by a new owner, the forensic genomics firm Verogen. The San Diego-based company spun out of sequencing giant Illumina two years ago, specializing in next-generation DNA testing services catered to law enforcement. With the acquisition of GEDmatch, Verogen may also start offering genealogy searches like the ones that have so far identified suspects in as many as 70 cases. “Never before have we as a society had the opportunity to serve as a molecular eyewitness, enabling law enforcement to solve violent crimes efficiently and with certainty,” Verogen CEO Brett Williams said in a statement announcing the deal. The terms of the agreement were not disclosed.


10 – India proposes new rules to access its citizens’ data

India has proposed groundbreaking new rules that would require companies to garner consent from citizens in the country before collecting and processing their personal data. But at the same time, the new rules also state that companies will have to hand over “non-personal” data of their users to the government, and New Delhi will also hold the power to collect any data of its citizens without consent, thereby bypassing the laws applicable to everyone else, to serve sovereignty and larger public interest.

Related Posts