AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 12/16/2020

Amazon, TikTok, Facebook, Others Ordered To Explain What They Do With User Data

The Federal Trade Commission is demanding that nine social media and tech companies share details on how they harness users’ data and what they do with the information. Amazon.com, TikTok owner ByteDance, Discord, Facebook, Reddit, Snap, Twitter, WhatsApp (also owned by Facebook), and YouTube were sent orders by the FTC on Monday to provide the commission with details on their data collection and advertising practices. The companies have 45 days to respond to the order. Representatives for these companies didn’t immediately respond to NPR’s request for comment. The inquiry is the latest move by federal regulators to crack the whip on big tech in an attempt to monitor their activities.


Mozilla throws weight behind Apple iOS 14 anti-tracking plans

The maker of the popular internet browser Firefox, Mozilla, has come out in full support of Apple’s plans to limit the tracking of its users on iOS. In a post, the company stated: In 2019, Mozilla called on Apple to increase user privacy by automatically resetting the Identifier for Advertisers (IDFA) on iPhones. The IDFA lets advertisers track the actions users take when they use apps – kind of like a salesperson that follows you from store to store while you shop, recording every item you look at. Creepy, right? Early 2020, Apple went even further than what Mozilla supporters had asked for when it announced that it will give consumers the option to opt-out of tracking in each app, essentially turning off IDFA and giving millions of consumers more privacy online. Apple’s announcement also made a loud statement: mass data collection and invasive advertising don’t have to be the norm online.


China suspected of spying on Americans via Caribbean phone networks

China appears to have used mobile phone networks in the Caribbean to surveil US mobile phone subscribers as part of its espionage campaign against Americans, according to a mobile network security expert who has analysed sensitive signals data. The findings paint an alarming picture of how China has allegedly exploited decades-old vulnerabilities in the global telecommunications network to route “active” surveillance attacks through telecoms operators. The alleged attacks appear to be enabling China to target, track, and intercept phone communications of US phone subscribers, according to research and analysis by Gary Miller, a Washington state-based former mobile network security executive.


Google: Here’s what caused our big global outage

Google has published preliminary details of the cause of Monday’s global outage, which hit YouTube, Gmail, and Google Cloud Platform services. The company reveals that the crux of the issue, now tagged as ‘Google Cloud Infrastructure Components incident 20013’, was reduced capacity for Google’s central identity-management system, blocking any service that required users to log in. However, the root cause was an issue in Google’s automated storage quota management system, which in turn reduced the capacity of the authentication system. The two main services impacted were Google Cloud Platform, which means Cloud Console, Cloud Storage, BigQuery, and the Google Kubernetes Engine. All users would have experienced an authentication error during the 50-minute outage.


SolarWinds Hack Could Affect 18K Customers

The still-unfolding breach at network management software firm SolarWinds may have resulted in malicious code being pushed to nearly 18,000 customers, the company said in a legal filing on Monday. Meanwhile, Microsoft should soon have some idea which and how many SolarWinds customers were affected, as it recently took possession of a key domain name used by the intruders to control infected systems. On Dec. 13, SolarWinds acknowledged that hackers had inserted malware into a service that provided software updates for its Orion platform, a suite of products broadly used across the U.S. federal government and Fortune 500 firms to monitor the health of their IT networks. In a Dec. 14 filing with the U.S. Securities and Exchange Commission (SEC), SolarWinds said roughly 33,000 of its more than 300,000 customers were Orion customers, and that fewer than 18,000 customers may have had an installation of the Orion product that contained the malicious code. SolarWinds said the intrusion also compromised its Microsoft Office 365 accounts.


Gamers face high and ongoing risk of identity theft and bullying

American gamers are at a higher risk for identity theft than gamers around the world, according to new research from security firm Kaspersky. Twenty-seven percent of gamers in the US have had their ID stolen compared to only 12% worldwide, based on data from “Generation Game.” Kaspersky surveyed 5,031 gamers in 17 countries for the report. That works out to about 179 million people around the world who have had their identity stolen through a video game scam. All survey respondents were under 35, spread evenly across gender, age, and socioeconomic status, and play at least 5-10 hours per week on a PC. The survey also asked about how much respondents talked with their family members about gaming and why people play in the first place. Marina Titova, head of consumer product marketing at Kaspersky, said that there are many ways of tricking users into providing their gaming ID or other personal details, from setting up relatively basic scams exploiting hype around a trending video game to creating websites that mimic or copy online stores with a very high-level quality of execution.


NATO Assessing Damage from SolarWinds Hack, Canada Issues Alert

The NATO Western military alliance is assessing the damage caused to its communication networks as a result of a massive hack that has rocked global institutions, including multiple agencies of the U.S. federal government and neighboring Canada. The infiltration was first uncovered Sunday days after cybersecurity firm FireEye admitted it was hit by an unclaimed attack ultimately attributed to a series of trojanized updates to software company SolarWinds, which services some of the largest public and private institutions around the world. Among these customers are all five branches of the Pentagon, as well as U.S. military allies spanning the 30-member North Atlantic Treaty Organization (NATO), certain agencies of which use SolarWinds. A NATO official told Newsweek that the transatlantic mutual defense group has sounded the alarm internally.
