AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 12/20/2019

1 – The weird future of brain-computer interfaces: Replacing passwords with thoughts and mind-reading bosses who can tell when you are bored

Brain computer interfaces may sound futuristic, but adoption of such systems — which allow signals from the brain to be recorded or used to control technology — is on the rise. Much of the development work going on around BCIs is focused on medical uses for the tech, but consumer applications of BCIs are already being explored, from providing a better gaming experience to allowing your boss to track your work rate. BCIs have generated enough buzz to make it into Gartner’s hype cycle, the tech analyst’s measure of which new technologies are living up to their promises, and which are falling short. BCIs are, according to last year’s hype cycle for emerging technologies, in the peak of inflated expectations.


2 – Vladimir Putin’s Computer Is Apparently Still Running Windows XP

Russia might be trying to hack everything and everyone, but Vladimir Putin himself is a little behind the technological times. Russian website Open Media reported that Putin’s computers in his Kremlin office and at his official residence are running Windows XP, the entirely obsolete system released in 2001. Microsoft stopped releasing updates to XP five years ago. But even before the updates stopped in 2014, using XP was a dangerous proposition. “Windows XP was launched in 2001, which meant the design and engineering of it took place in the late 90s into 2000, which was a very different world when we think about the profiles of the malware and the profiles of the hackers and bad people attacking PCs on the Internet,” Tom Murphy, then-director of communications for Windows at Microsoft, told CNET in 2014. “It was a much simpler time.”


3 – Indian government orders mobile internet to be suspended in the capital, says Airtel

Amid protests across the nation over new and upcoming citizenship laws in India, a major carrier called Airtel said in a now-deleted tweet that the government has ordered mobile data, voice, and SMS services to be suspended in some parts of the country’s capital of New Delhi. This is alarming because it illustrates that the country’s government is clamping down on citizens’ efforts to voice their opinions on numerous issues plaguing India right now, and restricting their ability to coordinate protests. The news follows the onset of protests in several cities and towns against the National Register of Citizens Bill (NRC) and the Citizenship Amendment Act (CAA).


4 – Cyprus Arrests Three in ‘Israeli Spy Van’ Probe

Cyprus on Thursday arrested three people in connection with an alleged Israeli-owned “spy van” equipped with sophisticated surveillance technology capable of hacking communications, police said. The Cypriot suspects, two men and a woman, face 13 charges related to violation of privacy laws, processing private data, falsely obtaining documents and breaking the radio communication law. Police said the trio – who work for the company that owns the van – are expected to appear before a court in the southern coastal city of Larnaca on Friday for a detention order. The vehicle is owned by Cyprus-registered company WiSpear, whose Israeli CEO Tal Dillian is said to be a former Israeli intelligence officer.


5 – Twelve Million Phones, One Dataset, Zero Privacy

EVERY MINUTE OF EVERY DAY, everywhere on the planet, dozens of companies — largely unregulated, little scrutinized — are logging the movements of tens of millions of people with mobile phones and storing the information in gigantic data files. The Times Privacy Project obtained one such file, by far the largest and most sensitive ever to be reviewed by journalists. It holds more than 50 billion location pings from the phones of more than 12 million Americans as they moved through several major cities, including Washington, New York, San Francisco and Los Angeles.


6 – Frankfurt shuts down IT network following Emotet infection

Frankfurt, one of the largest financial hubs in the world and the home of the European Central Bank, has shut down its IT network this week following an infection with the Emotet malware. Frankfurt is the fourth German entity that shut down its IT network in the past two weeks because of Emotet. The other three are (1) the Justus Liebig University (JLU) in Gießen, a town north of Frankfurt; (2) Bad Homburg, another city north of Frankfurt; and (3) the Catholic University in Freiburg, a city in southwest Germany, near the French border.


7 – Wawa announces massive data breach, ‘potentially all’ locations affected, CEO says

The CEO of Wawa says they are investigating a data breach that has potentially affected all of their locations. “I am very sorry to share with you that Wawa has experienced a data security incident. Our information security team discovered malware on Wawa payment processing servers on December 10, 2019, and contained it by December 12, 2019,” said Wawa CEO Chris Gheysens in a letter to customers on Thursday. This malware affected customer payment card information used at potentially all Wawa locations beginning at different points in time after March 4, 2019 and until it was contained last week.


8 – 267 million Facebook user IDs and phone numbers exposed online

A database containing more than 267 million Facebook user IDs, phone numbers, and names was left exposed on the web for anyone to access without a password or any other authentication. Comparitech partnered with security researcher Bob Diachenko to uncover the Elasticsearch cluster. Diachenko believes the trove of data is most likely the result of an illegal scraping operation or Facebook API abuse by criminals in Vietnam, according to the evidence. The information contained in the database could be used to conduct large-scale SMS spam and phishing campaigns, among other threats to end users.


9 – China-Based Cyber Espionage Group Targeting Orgs in 10 Countries

An advanced persistent threat (APT) actor likely operating out of China has, for the past two years at least, been quietly targeting organizations in the United States and around the globe in a sweeping espionage campaign. Among its dozens of victims are companies in the aviation, construction, energy, finance, healthcare, and transportation industries, as well as others, across 10 countries, including the US, UK, Brazil, China, France, and Germany. The attacker, identified as “APT20” in a report this week from NCC Group’s Fox-IT, is likely geopolitically motivated and state-backed, the security vendor said.


10 – Booking.com agrees to change way it presents travel offers

The European Commission said on Friday that travel site Booking.com had committed to end “manipulative techniques” for offers, such as wrongly presenting them as time-limited, and misrepresenting discounts. The EU executive and the Netherlands Authority for Consumers and Markets have been in talks with Booking.com for the past year and accepted commitments the company made to bring its practices in line with EU consumer law. “As a market leader, it is vital that companies like Booking.com meet their responsibilities in this area,” Didier Reynders, EU commissioner for justice and consumers, said in a statement.

