AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 12/23/2019

1 – FBI program offers companies data protection via deception

The Federal Bureau of Investigation is in many ways on the front lines of the fight against both cybercrime and cyber-espionage in the US. These days, the organization responds to everything from ransomware attacks to data thefts by foreign government-sponsored hackers. But the FBI has begun to play a role in the defense of networks before attacks have been carried out as well, forming partnerships with some companies to help prevent the loss of critical data. Sometimes, that involves field agents proactively contacting companies when they have information of a threat—as two FBI agents did when they caught wind of researchers trying to alert casinos of vulnerabilities they said they had found in casino kiosk systems.


2 – Twitter suspends accounts it says are linked to Saudi Arabia

Twitter has suspended thousands of accounts which it said on Friday were linked “to a significant state-backed information operation” originating in Saudi Arabia. In a public blog post, Twitter said it had removed about 5,929 accounts, which targeted discussions about Saudi Arabia, for violating its “platform manipulation policies”. It had also published data about these accounts, it added.


3 – GozNym Gang Members Behind $100 Million Damages Sentenced

Three members of a cybercrime group that used the GozNym banking Trojan to steal millions from U.S. businesses were sentenced today in parallel and multi-national prosecutions in Pittsburgh and Tbilisi, Georgia. The GozNym group members were charged for stealing “an estimated $100 million from more than 41 000 victims, primarily businesses and their financial institutions” according to a Europol press release from May. In all, ten members of the GozNym cybercriminal group were indicted in May, five of them being arrested at the time, while five other Russian nationals charged in the indictment — including the developer behind the GozNym malware — remain on the run.


4 – Greece to extradite Russian cybercrime suspect to France

Greece will extradite a Russian man suspected of having laundered billions of dollars in the digital currency bitcoin to France, the justice minister decided on Friday, court officials said. Alexander Vinnik, the alleged mastermind of a $4 billion (£3.07 billion) bitcoin laundering ring, is one of seven Russians arrested or indicted worldwide this year on U.S. cybercrime charges. Greece’s top court had cleared the way for Vinnik’s extradition to the United States in December 2017.


5 – Cox Communications Ordered to Pay $1 Billion For Failing to Stop Pirates

A Virginia jury ruled on Thursday that Cox Communications must pay a whopping $1 billion to several music publishers because the telecom company didn’t take enough action to stop its customers from pirating music. As Billboard and Variety report, Sony Music, Universal Music Group, Warner Music Group, and fifty other music publishers filed a lawsuit against Cox in July of 2018 alleging that the provider “deliberately refused to take reasonable measures” to stop at least 20,000 customers from committing repeated acts of copyright infringement. The complaint cited 10,017 songs that were allegedly pirated through Cox’s service.


6 – RavnAir flights in Alaska canceled after cyber attack

At least a dozen RavnAir flights in Alaska were canceled Saturday following what the company described as “a malicious cyber attack” on its computer network. The cancellations affected around 260 passengers, said company spokeswoman Debbie Reinwand. The regional carrier, which flies routes across much of Alaska, canceled all flights involving its Dash 8 aircraft, she said. The cancellations hit at the peak of holiday travel in Alaska, with schools out and many families traveling in the state or Outside.


7 – Popular chat app ToTok is reportedly secret United Arab Emirates spying tool

A report from The New York Times has revealed that messaging app ToTok, popular in the United Arab Emirates, is in fact a government spy tool, created for the benefit of UAE intelligence officials and used to track citizens’ conversations and movements. ToTok launched earlier this year and has been downloaded by millions in the UAE, a nation where Western messaging apps like WhatsApp and Skype are partially blocked. It promised “fast, free, and secure” messages and calls, and attracted users across the Middle East and beyond, even becoming one of the most downloaded social apps in the US last week.


8 – Fund manager defends backing blacklisted Chinese surveillance firm

The head of fund manager Fidelity International has defended her firm’s investment in a controversial Chinese surveillance company accused of contributing to human rights abuses. Fidelity owns a big stake in Hikvision, whose technology has allegedly been used to monitor the Uighur Muslim minorities in China’s Xinjiang region. Anne Richards said the fund tried to ensure firms it backed were ethical. Hikvision, which is reviewing its policies, has been asked to comment. In October, the US government blacklisted the firm – among others – for allegedly supporting a “campaign of repression [and] mass arbitrary detention” of mostly Muslim minority groups.


9 – UK’s Information Commissioner pours £275k fine into London pharmacy’s teaspoon

A pharmacy that left around half a million documents, including customers’ personal information and medical data, in unlocked storage at the back of its premises, has been fined £275,000 – a financial penalty the ICO has issued under the General Data Protection Regulation. UK data watchdog, the Information Commissioner’s Office, said London-based Doorstep Dispensaree Ltd, which supplies medicines to both individual customers and care homes, failed to secure the records. The data also contained addresses, dates of birth, NHS numbers and prescriptions pertaining to an unknown number of people.


10 – Man jailed for $122 million scam that fooled Google and Facebook

Lithuanian Evaldas Rimasauskas has been sentenced in a Manhattan court to five years in jail for successfully defrauding two large US companies out of $122 million. The frauds, which happened between 2013 and 2015, involved sending those companies fake invoices that appeared to come from a legitimate Taiwanese company, Quanta Computer Inc. Not realising the payments were the sharp end of an elaborate invoice fraud executed using spoofed email addresses, the companies’ accounts departments paid up. But the most arresting aspect of this fraud isn’t the large sums Rimasauskas stole but the companies he is reported to have conned – Facebook (to the tune of $99 million) and Google ($23 million).
